When using spam and virus firewall, it makes sense to configure LDAP so that the Barracuda appliance can query the valid users on the destination mail server and reject mail immediately to invalid email addresses. This offloads resources of the appliance and the destination mail server
There is a radio button (yes/no) for unify aliases. This also makes sense to set to yes (Description is "Use single account for preferences and quarantines for all of a user's email aliases. Recommended: Yes") that if I have 4 different email combinations.
That if these 4 aliases go to one user, that Barracuda treat the account as one user with one spam settings, one quarantine threshold, one quarantine notification...
This is all great. However, I've recently found out though though a support case 03098559 that setting this field to yes does more than just merge aliases into one container. It also makes it so that if the destination server is unavailable to LDAP queries than it will defer inbound mail and leave it in the sending server's hands to retry... But the number of retries AND frequency is also at the sending servers discretion.. so this can lead to refused mail or to delayed mail
Why would there not be a second radio button system wide or domain wide that would specify what to do if LDAP server is unavailable??!! The obvious answer would be to failover to SMTP authentication.. if SMTP authentication were to fail, then I want the appliance to accept ALL mail (regardless of valid recipient or not) and then the mail is sitting in the appliance waiting for the mail server to come up again.. Once the mail server is up,. I can requeue the messages and the end users will have their mail instantly.
Authentication has it's purposes but tying a radio button to 2 different functions makes no sense!