Wietse Venema wrote:
Darek M.:
Hi there, my postfix "smart relay" install queries my LDAP system where
it was never configured to do so.
The OS is configured with LDAP/KRB5 authentication and does user/group
lookups via LDAP using nss_ldap:
# egrep 'passwd|group' /etc/nsswitch.conf
group: files ldap
group_compat: nis
passwd: files ldap
passwd_compat: nis
I disabled local delivery as per "The book of Postfix":
mydestination =
local_recipient_maps =
virtual_alias_maps = hash:/etc/postfix/virtual
local_transport = error:local mail delivery is disabled
Every Postfix process needs to look up the postfix user, and for
sanity checks it also looks up the postdrop group.
Postfix does not look up this user/group information via LDAP. The
system library does the lookups via the nsswitch mechanism.
Wietse
Right, if those are system user lookups then there's no way to avoid it
if I want to keep ldap/kerberos auth. I just wasn't clear about whether
these were local destination lookups.
Thanks.
