Re: Broken opendkim caching of LDAP result

From: Rolf E. Sonneveld <R.E.Sonneveld_at_sonnection.nl>
Date: Mon, 07 May 2012 23:16:57 +0200

On 5/4/12 6:37 AM, Murray S. Kucherawy wrote:
>> -----Original Message-----
>> From: Quanah Gibson-Mount [mailto:quanah_at_zimbra.com]
>> Sent: Thursday, May 03, 2012 9:33 PM
>> To: Murray S. Kucherawy; opendkim-users_at_lists.opendkim.org
>> Subject: RE: Broken opendkim caching of LDAP result
>>
>> Never mind, I see it right here. ;) Let me remove that from my build.
>> I don't see why anyone would ever want that, it goes against the entire
>> purpose of using LDAP...
> It's a "for future release" option, not part of production code. These things either make their way into production code because people are using them, or they eventually get removed from lack of use for the sake of keeping the code clean. So if you're right, I'll remove it sooner or later.

I don't agree with Quanah that caching LDAP results is always a bad
idea. The Oracle Communications Messaging Server (aka Sun Java System
Messaging Server aka Sun ONE Messaging Server aka iPlanet Messaging
Server) has used a smart LDAP caching algorithm since the year 2000 and
it has proven to work very well.

In the past I integrated Postfix with Active Directory via ldap maps,
without caching. The amount of LDAP queries to AD regularly gave
problems, as AD could not cope with the query rate. Caching would have
solved this problem.

/rolf
Received on Mon May 07 2012 - 21:09:31 PST