SUSE LINUX Enterprise Server 9 (i586)
PATCHLEVEL = 4
NDSserv-8.7.3.10-78
postfix-2.1.1-1.24
cyrus-imapd-2.2.3-83.42

Given is OES SP4 with a mail server used mainly to collect local system
messages. The few human users authenticate through their Linux accounts
for accessing the IMAP mailboxes or sending mail. So the mail user name
and password always matches the cn and password as stored in eDirectory.

Now I want to add a few mail accounts for users which are not Linux
enabled, e.g. in LDAP notation:
dn: cn=mailuser,ou=USERS,o=COM
Omitting the 'Linux enable' step in iManager this user is not part of
'objectClass: posixAccount' and has no uidNumber. Consequently, it does
not show up in 'getent passwd' as a local user.
Still the IMAP server does accept the username and passwd which allows
him to open his INBOX and sending mail. That's fine and what I wanted.

Problems start when the newly created user wants to receive mail. In the
standard configuration postfix is configured to look up local UNIX users
and the alias databases prior to accepting an incoming mail:

$ postconf local_recipient_maps
local_recipient_maps = proxy:unix:passwd.byname, $alias_maps

This fails for the freshly created mailuser and incoming mail is rejected.

Following
/usr/share/doc/packages/postfix/README_FILES/LOCAL_RECIPIENT_README
the workaround is to generate a database file with all non-UNIX user
names and tell smtp to include this when searching for local recipients:

$ postconf local_recipient_maps
local_recipient_maps = proxy:unix:passwd.byname, $alias_maps, \
hash:/etc/postfix/local_recipient

where /etc/postfix/local_recipient.db is the database which was created
similar to /etc/aliases.db.

This works, but then I assume that there is much simpler solution where
one does not need to keep eDirectory and local_recipient.db in sync. So
to cut a long story short: how do I configure postfix to look up
non-UNIX users in eDirectory when querying for local recipients?

Some configuration details which might be relevant here:

# /etc/postfix/main.cf
local_recipient_maps = proxy:unix:passwd.byname, $alias_maps, \
hash:/etc/postfix/local_recipient
smtpd_recipient_restrictions = \
permit_mynetworks,reject_unauth_destination
smtp_sasl_auth_enable = no
smtpd_sasl_auth_enable = no

# /etc/imapd.conf
sasl_pwcheck_method: saslauthd

# /etc/pam.d/smtp
auth sufficient /lib/security/pam_nam.so
auth required /lib/security/pam_unix2.so
account sufficient /lib/security/pam_nam.so
account required /lib/security/pam_unix2.so
password sufficient /lib/security/pam_nam.so
password required /lib/security/pam_unix2.so
session optional /lib/security/pam_nam.so
session required /lib/security/pam_unix2.so

# /etc/pam.d/imap
auth sufficient /lib/security/pam_nam.so
auth required /lib/security/pam_unix2.so
account sufficient /lib/security/pam_nam.so
account required /lib/security/pam_unix2.so
password sufficient /lib/security/pam_nam.so
password required /lib/security/pam_unix2.so
session optional /lib/security/pam_nam.so
session required /lib/security/pam_unix2.so

Gnther