ldapi:// does not work on running postfix but works with postmap


John L Magee

Dec 29, 2021, 1:47:36 PM
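Diagnostic information follows: the Postfix configuration, the LDAP table definition with a successful postmap query, the maillog entries from the failing lookups, the test script, and the LDAP entry.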

[root@rhel79work ~]# #--------------------------------------------------
[root@rhel79work ~]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.10.1/README_FILES
relay_domains = REDACTED.com payermail.com
sample_directory = /usr/share/doc/postfix-2.10.1/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
transport_maps = ldap:/etc/postfix/nexthop hash:/etc/postfix/discard
unknown_local_recipient_reject_code = 550
[root@rhel79work ~]# postconf -Mf
smtp inet n - n - - smtpd
pickup unix n - n 60 1 pickup
cleanup unix n - n - 0 cleanup
qmgr unix n - n 300 1 qmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
proxywrite unix - - n - 1 proxymap
smtp unix - - n - - smtp
relay unix - - n - - smtp
showq unix n - n - - showq
error unix - - n - - error
retry unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
[root@rhel79work ~]# cat /etc/postfix/nexthop
# Postfix LDAP lookup table, referenced from transport_maps as
# ldap:/etc/postfix/nexthop.
# Earlier TCP endpoint, left commented out:
#server_host = ldap://localhost:389
# No bind request is sent, so the search runs anonymously; the directory's
# access rules must let an anonymous client read the entries under search_base.
# The ldapsearch check further down this page authenticates with SASL EXTERNAL
# as uid 0, so it does not exercise the same identity as this table.
bind = no
# LDAP over a local UNIX-domain socket. No socket path is given, so the LDAP
# client library's built-in default path is used.
# NOTE(review): on this page the postmap query was run from a root shell, while
# the failing lookups are logged by the trivial-rewrite daemon. Compare the two
# contexts (process user, permissions on the socket and its directory, SELinux
# policy if enforcing) - TODO confirm which one differs.
server_host = ldapi://
version = 3
search_base = dc=payerinbound,dc=base
# %s is replaced by the lookup key. The maillog on this page shows keys that
# come from SMTP envelope addresses, plus the key "*".
query_filter = (mail=%s)
# The attribute value is returned as the transport result; the postmap query on
# this page returns smtp:REDACTED.com.
result_attribute = mailNextHop
[root@rhel79work ~]# postmap -q prov1_...@REDACTED.com ldap:/etc/postfix/nexthop
smtp:REDACTED.com
[root@rhel79work ~]#

#----------log---------------
[root@rhel79work ~]# tail -f /var/log/maillog
Dec 29 10:25:29 rhel79work postfix/trivial-rewrite[6030]: warning: ldap:/etc/postfix/nexthop lookup error for "*"
Dec 29 10:25:29 rhel79work postfix/trivial-rewrite[6030]: warning: dict_ldap_lookup: Search error -1: Can't contact LDAP server
Dec 29 10:25:29 rhel79work postfix/trivial-rewrite[6030]: warning: ldap:/etc/postfix/nexthop lookup error for "Te...@test.com"
Dec 29 10:25:29 rhel79work postfix/trivial-rewrite[6030]: warning: transport_maps lookup failure
Dec 29 10:25:32 rhel79work postfix/trivial-rewrite[6030]: warning: dict_ldap_lookup: Search error -1: Can't contact LDAP server
Dec 29 10:25:32 rhel79work postfix/trivial-rewrite[6030]: warning: ldap:/etc/postfix/nexthop lookup error for "prov1_...@REDACTED.com"
Dec 29 10:25:32 rhel79work postfix/trivial-rewrite[6030]: warning: transport_maps lookup failure
Dec 29 10:25:32 rhel79work postfix/smtpd[6017]: NOQUEUE: reject: RCPT from gateway[192.168.122.1]: 451 4.3.0 <prov1_...@REDACTED.com>: Temporary lookup failure; from=<Te...@test.com> to=<prov1_...@REDACTED.com> proto=SMTP
Dec 29 10:25:38 rhel79work postfix/smtpd[6017]: warning: non-SMTP command from gateway[192.168.122.1]: To: prov1_...@REDACTED.com
Dec 29 10:25:38 rhel79work postfix/smtpd[6017]: disconnect from gateway[192.168.122.1]
Dec 29 13:24:26 rhel79work postfix/smtpd[6259]: connect from gateway[192.168.122.1]
Dec 29 13:24:34 rhel79work postfix/trivial-rewrite[6261]: warning: dict_ldap_lookup: Search error -1: Can't contact LDAP server
Dec 29 13:24:34 rhel79work postfix/trivial-rewrite[6261]: warning: ldap:/etc/postfix/nexthop lookup error for "*"
Dec 29 13:24:34 rhel79work postfix/trivial-rewrite[6261]: warning: dict_ldap_lookup: Search error -1: Can't contact LDAP server
Dec 29 13:24:34 rhel79work postfix/trivial-rewrite[6261]: warning: ldap:/etc/postfix/nexthop lookup error for "*"
Dec 29 13:24:34 rhel79work postfix/trivial-rewrite[6261]: warning: dict_ldap_lookup: Search error -1: Can't contact LDAP server
Dec 29 13:24:34 rhel79work postfix/trivial-rewrite[6261]: warning: ldap:/etc/postfix/nexthop lookup error for "Te...@test.com"
Dec 29 13:24:34 rhel79work postfix/trivial-rewrite[6261]: warning: transport_maps lookup failure
Dec 29 13:24:37 rhel79work postfix/trivial-rewrite[6261]: warning: dict_ldap_lookup: Search error -1: Can't contact LDAP server
Dec 29 13:24:37 rhel79work postfix/trivial-rewrite[6261]: warning: ldap:/etc/postfix/nexthop lookup error for "prov1_...@REDACTED.com"
Dec 29 13:24:37 rhel79work postfix/trivial-rewrite[6261]: warning: transport_maps lookup failure
Dec 29 13:24:37 rhel79work postfix/smtpd[6259]: NOQUEUE: reject: RCPT from gateway[192.168.122.1]: 451 4.3.0 <prov1_...@REDACTED.com>: Temporary lookup failure; from=<Te...@test.com> to=<prov1_...@REDACTED.com> proto=SMTP
Dec 29 13:24:43 rhel79work postfix/smtpd[6259]: warning: non-SMTP command from gateway[192.168.122.1]: To: prov1_...@REDACTED.com
Dec 29 13:24:43 rhel79work postfix/smtpd[6259]: disconnect from gateway[192.168.122.1]

#------------test script------------
cat testrecopayer.sh
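# SMTP smoke test: feeds a fixed dialogue to the server through telnet.
# Usage: sh testrecopayer.sh [host] [port]   (defaults: 192.168.122.196 25)
#
# The server's replies are never read; each command is sent after a pause.
# If the server refuses RCPT or DATA, the message lines that follow reach it
# as SMTP commands. The maillog on this page shows exactly that as
# "non-SMTP command ... To: ...", so that warning is a side effect of the
# rejected recipient, not a second fault.
#
# Sender and recipient are reproduced as they appear on this page, where the
# addresses are shown shortened with "...".
smtp_host=${1:-192.168.122.196}
smtp_port=${2:-25}

{
  sleep 5 # wait for the connection and the server greeting
  # EHLO takes the client's host name as its argument.
  printf 'ehlo %s\n' "$(hostname)"
  sleep 3
  printf '%s\n' 'MAIL FROM:<Te...@test.com>'
  sleep 3
  printf '%s\n' 'RCPT TO: <prov1_...@REDACTED.com>'
  sleep 3
  printf '%s\n' 'DATA'
  sleep 3
  # Header lines are kept together; the single empty line ends the header
  # block, so Subject stays a header instead of becoming body text.
  # printf is used because "echo -e" is not portable across shells.
  printf '%s\n' \
    'To: prov1_...@REDACTED.com' \
    'Subject: Just a test' \
    '' \
    'Some da da' \
    '.'
  sleep 3 # leave time for the end-of-data reply
  printf '%s\n' 'QUIT'
  sleep 1 # let the server answer before telnet sees end of input
} | telnet "$smtp_host" "$smtp_port"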

#-------ldap object---------------

[root@rhel79work ~]# ldapsearch -Y EXTERNAL -H ldapi:/// -b "dc=payerinbound,dc=base" "mail=prov1_...@REDACTED.com"
SASL/EXTERNAL authentication started
SASL username: gidNumber=0+uidNumber=0,cn=peercred,cn=external,cn=auth
SASL SSF: 0
# extended LDIF
#
# LDAPv3
# base <dc=payerinbound,dc=base> with scope subtree
# filter: mail=prov1_...@REDACTED.com
# requesting: ALL
#

# prov1_payer1, REDACTED, payerinbound.base
dn: cn=prov1_payer1,ou=REDACTED,dc=payerinbound,dc=base
cn: prov1_payer1
sn: REDACTED
objectClass: top
objectClass: inetOrgPerson
objectClass: postfixVirtual
uid: prov1_payer1
mail: prov1_...@REDACTED.com
mailNextHop: smtp:REDACTED.com

# search result
search: 2
result: 0 Success

# numResponses: 2
# numEntries: 1
[root@rhel79work ~]#

