Henning Brauer <[EMAIL PROTECTED]> writes:
> On Tue, Aug 07, 2001 at 03:58:22PM -0400, Scott Gifford wrote:
> > While we're on this topic, is there a reasonable way to reliably
> > guarantee uniqueness across both the 'mail' and 'mailalternateaddress'
> > attributes? We finally stopped using 'mail' altogether, because we
> > couldn't find a way to make this work without race conditions.
>
> Before accepting a new entry in your interfaces run a search
> (|(mail=newaddress)(mailalternateaddress=newaddress)) - if there's a result
> don't use it...
There's a race condition there. Assuming that this search takes 2
seconds to complete:
0 seconds: User 1 asks to create new mailbox '[EMAIL PROTECTED]' as primary
1 second: User 2 asks to create new mailbox '[EMAIL PROTECTED]' as alternate
2 seconds: User 1 runs search
3 seconds: User 2 runs search
4 seconds: User 1 gets back "Not used!"
5 seconds: User 2 gets back "Not used!"
6 seconds: User 1 creates mailbox with '[EMAIL PROTECTED]'
7 seconds: User 2 creates mailbox with '[EMAIL PROTECTED]'
8 seconds and later: Neither user can receive mail
Obviously, you can scale all these numbers up or down if your LDAP
server is faster or slower.
The qmail-ldap server I used to run had about 600K users who each had
5 mailboxes, and could change them at will via a Web interface, so
that was a real risk for us.
----ScottG.
