Re: [Exim] LDAP attribute extraction

Top Page
Delete this message
Reply to this message
Author: michael
Date:  
To: exim-users, kaih
Subject: Re: [Exim] LDAP attribute extraction
> Before starting to think about this more seriously, do people (preferrably
> people familiar with Exim's internals) think this might be useful, and
> what would people think is a reasonable interface to such a cache? I'm
> thinking of caching just about anything that Exim requests from external
> sources, except lsearch or db type stuff. That is, ldap queries, DNS
> queries, NIS queries, and so on and so forth.


Does nscd ring any bells? It's exactly what you describe and it caused a
coworker big troubles just today, because the TTL of a DNS entry expired
and nscd _still_ delivered the cached entry. He does not use nscd any
more now. :)

I use ldap, because that way all changes like new accounts are instantly
valid. A long lived cache will introduce inconsistencies and besides,
do LDAP queries dominate your system? If so, try moving the LDAP server
to a dedicated machine. I had exim flushing the page cache by the
continuous stream of mails, which hurt the LDAP server badly, which in
turn made exim slow. Moving it to a dedicated machine solved that problem
and now both exim and ldap fly. :)

If my data would be more static, I would distribute cdb files, say all 15
minutes. cdb is quite efficient and file system I/O from the mail spool
will probably dominate the system by far.

It would be nice if there was a way to get an entire ldap entry and
then reuse its attributes, because as you pointed out correctly, the
query result is cached and the attributes you ask for are part of the
query. It might reduce my queries to 1/4 or 1/5. Then again, that's
not really a problem for me right now, so removing it would not help a lot.

Michael