Shouldn't an Invalid MTA Bind DN for the User/Group Administrator Cause "temporary directory failure" and not "unknown Or Illegal Alias" for a Failed Bind Operation? (Doc ID 2285047.1)

Last updated on JULY 11, 2017

Applies to:

Oracle Communications Messaging Server - Version 7.0.5 to 8.0.1 [Release 7.0.0 to 8.0.0]
Information in this document applies to any platform.

Goal

A failure occurred a few months ago where a DNS record was removed for something that should have only been an MX, and therefore, removing that A record should have been fine.  But, some MTAs were configured with nomx and some mail was bounced because the next hop was then invalid.

If the MTA's Bind DN is not valid, mail fails with "unknown or illegal alias".

Example http log entry:

It was not the SEARCH operation looking for the domain or user that failed with "no such object".
Yes, the above failing with "no such object" would be clearly an "unknown or illegal address" error (assuming no other etc, etc, ...).
But it was the initial attempt to connect to LDAP that failed with "Bind to ... as ... error: no such object ( 32)".

The MTA's LDAP Bind failing is not really a "temporary" error in the sense of something that should get better on its own, but...
isn't this a case where domain_failure should be used?

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms