I am trying to get a front-end Postfix MTA to validate against the Zimbra LDAP, but I am getting the following error:
Code:
Aug 2 12:04:40 gateway postfix/master[1310]: warning: /usr/libexec/postfix/trivial-rewrite: bad command startup -- throttling
Aug 2 12:05:40 gateway postfix/proxymap[1718]: error: dict_ldap_connect: Unable to set STARTTLS: -11: Connect error
Aug 2 12:05:40 gateway postfix/trivial-rewrite[1717]: fatal: proxy:ldap:/etc/postfix/ldap-vad.cf(0,lock|fold_fix): table lookup problem
Aug 2 12:05:41 gateway postfix/smtpd[1316]: warning: premature end-of-input on private/rewrite socket while reading input attribute name
I have copied /opt/zimbra/conf/ldap*.cf across to the server and have updated them to use the correct paths:
Code:
cat ldap-vam.cf
server_host = ldap://XXXXXXXXXXXX:389
server_port = 389
search_base =
query_filter = (&(|(zimbraMailDeliveryAddress=%s)(zimbraMailAlias=%s)(zimbraMailCatchAllAddress=%s))(zimbraMailStatus=enabled))
result_attribute = zimbraMailDeliveryAddress,zimbraMailForwardingAddress,zimbraPrefMailForwardingAddress,zimbraMailCatchAllForwardingAddress
version = 3
start_tls = yes
tls_ca_cert_dir = /etc/postfix/ca
bind = yes
bind_dn = uid=zmpostfix,cn=appaccts,cn=zimbra
bind_pw = XXXXXXXXX
timeout = 30
The certs have also been copied across from /opt/zimbra/conf/ca. If I perform an ldapsearch and specify the bind credentials plus the query filter, it returns the correct results, so the firewall is not an issue.
Any ideas, please?
