Aleksander Adamowski wrote:
The mail system becomes more complex and the probability of temporary connection problems between its components goes up. Those temporary connection problems are often short-term, but are inevitable. Various causes are possible. My case with OpenLDAP crashing is among them, but not the only one.
You're right, problems with back-end services are inevitable. The question, then is how to handle them. At one extreme, you can disavow any responsibility for retrying, and immediately pass the failure to the remote client. That's pretty much what Courier does, now. At the other extreme, you can retry indefinitely, and block clients until the situation is resolved. Somewhere in the middle is an implementation that delays and retries until a preset upper limit is reached, and then informs the client that it's failed.
As far as SMTP is concerned, there's very little return in introducing the complexity required to make Courier/authdaemon more robust. Courier's smtpd sends back a temporary failure code, which will cause most systems will retry delivery in short order. The logic required for retries already exists in remote MTAs, and it makes sense to use it.
For local clients, the return will be slightly greater. However, as far as I understand it, the logic would really need to be introduced into all of the processes that use authdaemon, rather than in authdaemon itself. If authdaemon begins blocking, the other processes will very quickly be unable to connect to it, and will have to inform the clients of failure. You won't have solved the problem.
With that in mind, I'm not personally concerned about Courier's behavior enough to modify it. If you are, the modifications required for each service are likely to be substantially similar. Give it a shot.
* a change to access permissions to the OpenLDAP directory requires restart of slapd (silly, but true :( ), which causes a 2-4 seconds LDAP downtime
Off topic, but you could consider using another directory server. The new Fedora DS is quite good, and stores ACIs as attributes in the directory. Among other advantages, this ensures that security settings are replicated like the rest of the data.
------------------------------------------------------- This SF.net email is sponsored by: Splunk Inc. Do you grep through log files for problems? Stop! Download the new AJAX search engine that makes searching your log files as easy as surfing the web. DOWNLOAD SPLUNK! http://sel.as-us.falkag.net/sel?cmd=lnk&kid=103432&bid=230486&dat=121642 _______________________________________________ courier-users mailing list [email protected] Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
