Thursday, September 1, 2011

Adding more redundancy to postfix with ldap store

When using postfix with a ldap backend for storing user data is a common setup.

There exist a lot of guides on how to do this, for example:


These are good starting points for getting your MTA up and running.
When your business grows and becomes more "mission critical" it's time to look at what you can do to provide moreprotection against system failures.

As you might have seen, in the config file you have to add these ldap host definitions:

domains_server_host =

To protect you against ldap server failures, you can simply specify multiple ldap url's
in the standard ldap syntax.

This gives then:

domains_server_host =  ldap:// ldap://

You can even add more servers to the list if required.
If you use smtp authentication for mail submission, then you probably also have saslauthd configured. To benefit from the same redundancy just modify the ldap_servers line in the saslauthd.conf file too

ldap_servers: ldap:// ldap://

After reloading postfix and saslauthd the new configuration is active