firewall timeout of LDAP connections causes amavis to error instead of falling back

Quanah Gibson-Mount quanah at
Wed May 9 01:28:51 CEST 2012

We have a firewall between our MTA and LDAP servers.  The firewall is 
currently (incorrectly) set to timeout all connections that are idle for > 
30 minutes.  Since I'm using this MTA for testing only atm, this regularly 

Even though amavis is configured to rely on multiple LDAP servers, it does 
not correctly failover to one of the other LDAP servers when its connection 
is timed out by the firewall:

May  8 16:26:49 edge01-zcs postfix/smtp[544]: 8B820255: 
to=<quanah at xxxxxxxxxx>, relay=[]:10026, delay=300, 
delays=0.14/0.01/0.01/300, dsn=4.4.2, status=deferred (conversation with[] timed out while sending RCPT TO)
May  8 16:27:25 edge01-zcs amavis[29194]: (29194-02) (!)lookup_ldap: timed 
out at (eval 101) line 185, <GEN15> line 101.
May  8 16:27:25 edge01-zcs amavis[29194]: (29194-02) (!)Requesting process 
rundown, task exceeded allowed time

It seems amavis should check if its connection is still active, and if not, 
fallover to one of the other LDAP servers in this scenario.



Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra ::  the leader in open source messaging and collaboration

More information about the amavis-users mailing list