Author: Patrick von der Hagen Date: To: exim-users Subject: Re: [Exim] sender_verify when DNS comes down....
On Wed, Nov 21, 2001 at 05:03:55PM +0000, Philip Hazel wrote:
[...] > I take it that by "DNS came down" you actually mean "my host was unable
> do do DNS queries"? Because the DNS as seen from here has been working
> fine all day. You are right. I suspected that our DNS-problems where related to the
mail-problems, but this was definitly wrong. A colleague had changed the
LDAP-configuration at about the same time and only on one of our
LDAP-servers. As a result, queries from our mail-gateway to that particular
LDAP-server failed.
In detail: exim connects to LDAP-server. The connection is established and
exim does it's query. The LDAP-server checks authorisation, fails and replys
"no such entry" which is correctly interpreted as a failure by exim. IMHO it
is a misbehaviour of the LDAP-server which IMHO should return something like
"you are not allowed to query" instead.
So exim has no way to find out, wheter the entry really "does not exist" or
there is a (perhaps temporarily) failure in the LDAP-configuration.
receiver_try_verify wouldn't help either, since the LDAP-lookup actually
succeeds but returns a wrong result.
--
CU,
Patrick.
"Never run on auto-pilot" - The Pragmatic Programmer