Hi,
after a new install and avoiding a lot of simple faults, i try to run my
system postfix as smtpd, smtpds, and submission, and dovecot as imap and
lmtp server.
I can login to imap, and i can send via 587 with sasl authentification.
So i think that most things are ok :-)
What does NOT work is the local transport to my maildir.
christian.k...@qno.de is not resolved to q...@qno.de but to
q...@bywater.qno.de, and lmtp rejects that unverified user:
2025-05-25T18:13:25.431342+02:00 bywater postfix/smtpd[987726]: NOQUEUE:
reject: RCPT from mail-lj1-f176.google.com[209.85.208.176]: 450 4.1.1
<q...@bywater.qno.de>: Recipient address rejected: unverified address:
host bywater.qno.de[private/dovecot-lmtp] said: 550 5.1.1
<q...@bywater.qno.de> User doesn't exist: q...@bywater.qno.de (in reply to
RCPT TO command)
also mails to qno-anyextens...@qno.de are rejected. I set
recipient_delimiter to -, but it seems to be ignored by lmtp:
2025-05-25T15:24:10.147369+02:00 bywater postfix/smtpd[985952]: NOQUEUE:
reject: RCPT from higher.littydate.com[104.244.79.41]: 450 4.1.1
<qno-plan...@qno.de>: Recipient address rejected: unverified address:
host bywater.qno.de[private/dovecot-lmtp] said: 550 5.1.1
<qno-plan...@qno.de> User doesn't exist: qno-plan...@qno.de (in reply to
RCPT TO command); from=<webmas...@littydate.com> to=<qno-plan...@qno.de>
proto=ESMTP helo=<higher.littydate.com>
postconf -n: (postfix 3.8.6)
broken_sasl_auth_clients = yes
compatibility_level = 3.6
content_filter = amavis:[127.0.0.1]:10024
default_database_type = cdb
indexed = ${default_database_type}:${tabledir}
inet_interfaces = 127.0.0.1, 65.21.136.15, [::1],
[2a01:4f9:3b:25b0:9:6:1:e01]
local_recipient_maps =
mailbox_transport = lmtp:unix:private/dovecot-lmtp
mydestination = $myhostname
mydomain = qno.de
myhostname = bywater.qno.de
mynetworks = 127.0.0.0/8 65.21.136.15/32 [::1]/128
[2a01:4f9:3b:25b0:9:6:1:e01]/128 [2a01:4f8:171:b85:9:6:1:e01]/128
136.243.102.134/32
myorigin = $mydomain
policyd-spf_time_limit = 3600
postscreen_access_list = permit_mynetworks
postscreen_bare_newline_action = enforce
postscreen_bare_newline_enable = no
postscreen_dnsbl_action = enforce
postscreen_dnsbl_reply_map = ${indexed}dnsbl_reply
postscreen_dnsbl_sites = zusbyxqsairu6mu6ayyhstc3ua.zen.dq.spamhaus.net
postscreen_dnsbl_threshold = 1
postscreen_non_smtp_command_action = enforce
postscreen_non_smtp_command_enable = no
postscreen_pipelining_action = enforce
postscreen_pipelining_enable = no
receive_override_options = no_address_mappings
recipient_delimiter = -
smtp_bind_address = 65.21.136.15
smtp_bind_address6 = 2a01:4f9:3b:25b0:9:6:1:e01
smtp_generic_maps = ${indexed}generic
smtp_tls_exclude_ciphers = aNULL
smtp_tls_loglevel = 1
smtp_tls_mandatory_ciphers = medium
smtp_tls_mandatory_exclude_ciphers = RC4, MD5, SHA1
smtp_tls_security_level = may
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_helo_required = yes
smtpd_helo_restrictions = reject_unknown_helo_hostname
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination,
reject_unverified_recipient, check_policy_service
unix:private/policyd-spf, reject_rbl_client
zusbyxqsairu6mu6ayyhstc3ua.zen.dq.spamhaus.net,
reject_rhsbl_reverse_client
zusbyxqsairu6mu6ayyhstc3ua.dbl.dq.spamhaus.net, reject_rhsbl_helo
zusbyxqsairu6mu6ayyhstc3ua.dbl.dq.spamhaus.net, reject_rhsbl_sender
zusbyxqsairu6mu6ayyhstc3ua.dbl.dq.spamhaus.net
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain =
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = reject_unknown_sender_domain
smtpd_tls_auth_only = yes
smtpd_tls_eccert_file = /etc/letsencrypt/live/mail.qno.de/fullchain.pem
smtpd_tls_eckey_file = /etc/letsencrypt/live/mail.qno.de/privkey.pem
smtpd_tls_mandatory_ciphers = high
smtpd_tls_mandatory_exclude_ciphers = aNULL, MD5, SHA1
smtpd_tls_mandatory_protocols = >=TLSv1.2
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
tabledir = ${config_directory}/tables.d/
virtual_alias_domains = $mydomain
virtual_alias_maps = ${indexed}virtual
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/mail/vhosts
virtual_mailbox_domains = sk-koenig-tegel.de
virtual_mailbox_maps = mysql:${tabledir}virtual_mailbox_maps.cf
virtual_minimum_uid = 10000
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_uid_maps = static:5000
doveconf -n:
# 2.3.21 (47349e2482): /etc/dovecot/dovecot.conf
# Pigeonhole version 0.5.21 (f6cd4b8e)
# OS: Linux 6.8.0-60-generic x86_64 Ubuntu 24.04.2 LTS
# Hostname: bywater.qno.de
auth_debug = yes
auth_debug_passwords = yes
auth_mechanisms = plain login
auth_username_format = %Ln
auth_verbose = yes
auth_verbose_passwords = yes
listen = 65.21.136.15, 2a01:4f9:3b:25b0:9:6:1:c01
mail_debug = yes
mail_location = maildir:~/Maildir
mail_privileged_group = mail
managesieve_notify_capability = mailto
managesieve_sieve_capability = fileinto reject envelope
encoded-character vacation subaddress comparator-i;ascii-numeric
relational regex imap4flags copy include variables body enotify
environment mailbox date index ihave duplicate mime foreverypart extracttext
namespace inbox {
inbox = yes
location =
mailbox Drafts {
special_use = \Drafts
}
mailbox Junk {
special_use = \Junk
}
mailbox Sent {
special_use = \Sent
}
mailbox "Sent Messages" {
special_use = \Sent
}
mailbox Trash {
special_use = \Trash
}
prefix =
}
passdb {
driver = pam
}
plugin {
sieve = file:~/sieve;active=~/.dovecot.sieve
}
protocols = " imap lmtp sieve"
service auth {
unix_listener /var/spool/postfix/private/auth {
group = postfix
mode = 0660
user = postfix
}
}
service imap-login {
inet_listener imap {
port = 0
}
inet_listener imaps {
port = 993
ssl = yes
}
}
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
group = postfix
mode = 0600
user = postfix
}
}
ssl_cert = </etc/letsencrypt/live/imap2.qno.de/fullchain.pem
ssl_cipher_list =
ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
ssl_dh = # hidden, use -P to show it
ssl_key = # hidden, use -P to show it
syslog_facility = local0
userdb {
driver = passwd
}
verbose_proctitle = yes
verbose_ssl = yes
TIA
QNo
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-le...@dovecot.org
