You mention that you are using dovecot along with postfix, so in that case, the
most common theme is to use LMTP like this:
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_mailbox_domains = /etc/postfix/virtual_mailbox_domains
then your /etc/postfix/virtual_mailbox_domains may look like:
example.co.uk OK
example2.co.uk OK
example3.co.uk OK
example4.co.uk OK
example5.co.uk OK
otherexample.tld OK
>From the dovecot side of things, your 10-master.conf file would contain (among
>other things) the lines:
service lmtp {
unix_listener /var/spool/postfix/private/dovecot-lmtp {
mode = 0660
user = postfix
group = postfix
}
}
that way, you add your email addresses under dovecot and not postfix, since
postfix will use LMTP to query dovecot for them.
On Sun, 12 Nov 2023 17:24:38 +0000 Larry David via Postfix-users
<postfix-users@postfix.org> wrote:
> I am trying to set up a virtual domains on a server and either end up with
> no mail being delivered, or mail being delivered but with warning:
>
> do not list domain example2.co.uk in BOTH virtual_alias_domains and
> relay_domains.
>
> What I am trying to do is
>
> * Configure a dedicated server to host 5 websites. Apache DONE.
> * Configure Postfix to handle 5 users (Linux accounts) each with their own
> mailbox for mail in and out. Partial Done
>
> Server config: Rocky 9.2, Postfix 3.5.9, Dovecot 2.3.16, Postgrey,
> Letsencrypt certitficates
>
> To keep this easier I will list the config for just 2 domains. The main
> site example.co.uk and the virtual site example2.co.uk
>
> Here's what happens when I send mail to i...@example.co.uk
>
> (delivered successfully with no warnings)
>
> Here's what happens when I send mail to i...@example2.co.uk
>
> (delivered successfully but with this warning:
>
> postfix/trivial-rewrite[2530248]: warning: do not list domain example2.co.uk
> in BOTH virtual_alias_domains and relay_domains
>
> If I remove example2.co.uk from relay_domains and send the emails again I
> then get this
>
> mail.example.co.uk gave this error: Remote server returned not permitted to
> relay -> 554 5.7.1 <i...@example.co.uk>: Relay access denied
>
> There is clearly a configuration issue here so here's the main.cf file:
>
> ---------------------------------------------------------
> canonical_maps = hash:/etc/postfix/canonical
> command_directory = /usr/sbin
> compatibility_level = 2
> daemon_directory = /usr/libexec/postfix
> data_directory = /var/lib/postfix
> debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd
> $daemon_directory/$process_name $process_id & sleep 5
> disable_vrfy_command = yes
> html_directory = no
> inet_protocols = ipv4
> invalid_hostname_reject_code = 554
> mailbox_command = /usr/bin/procmail
> mailq_path = /usr/bin/mailq.postfix
> manpage_directory = /usr/share/man
> masquerade_exceptions = root
> meta_directory = /etc/postfix
> mime_header_checks = regexp:/etc/postfix/mime_header_checks
> multi_recipient_bounce_reject_code = 554
> mydestination = mail.$mydomain
> mydomain = example.co.uk
> myhostname = mail.example.co.uk
> mynetworks = x.x.x.x,127.0.0.1,my.my.my.my #this is the server ip, 127 and
> my own desktop ip for sending and receiving mail
> mynetworks_style = host
> newaliases_path = /usr/bin/newaliases.postfix
> non_fqdn_reject_code = 554
> readme_directory = /usr/share/doc/postfix/README_FILES
> relay_domains = $mydestination, 127.0.0.1, example.co.uk, example2.co.uk
> relay_domains_reject_code = 554
> relocated_maps = hash:/etc/postfix/relocated
> sample_directory = /usr/share/doc/postfix/samples
> sender_canonical_maps = hash:/etc/postfix/sender_canonical
> sendmail_path = /usr/sbin/sendmail.postfix
> setgid_group = postdrop
> shlib_directory = /usr/lib64/postfix
> smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
> smtp_tls_CApath = /etc/pki/tls/certs
> smtp_tls_note_starttls_offer = no
> smtp_tls_security_level = may
> smtpd_error_sleep_time = 1s
> smtpd_hard_error_limit = 6
> smtpd_helo_required = yes
> smtpd_recipient_restrictions = reject_invalid_hostname,
> reject_unknown_recipient_domain, reject_unauth_pipelining,
> permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination,
> reject_rbl_client zen.spamhaus.org, reject_rbl_client bl.spamcop.net,
> reject_rbl_client cbl.abuseat.org, permit
> smtpd_sender_restrictions = hash:/etc/postfix/access
> smtpd_soft_error_limit = 3
> smtpd_tls_auth_only = yes
> smtpd_tls_chain_files = /etc/letsencrypt/live/mail.example.co.uk/privkey.pem,
> /etc/letsencrypt/live/mail.example.co.uk/fullchain.pem
> smtpd_tls_dh1024_param_file = /etc/postfix/dhparam
> smtpd_tls_loglevel = 1
> smtpd_tls_mandatory_ciphers = medium
> smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
> smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
> smtpd_tls_received_header = yes
> smtpd_tls_security_level = may
> smtpd_tls_session_cache_timeout = 3600s
> strict_rfc821_envelopes = yes
> tls_medium_cipherlist =
> ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305
> tls_preempt_cipherlist = no
> tls_random_source = dev:/dev/urandom
> tls_server_sni_maps = hash:/etc/postfix/vmail_ssl.map
> transport_maps = hash:/etc/postfix/transport
> unknown_address_reject_code = 554
> unknown_client_reject_code = 554
> unknown_hostname_reject_code = 554
> unknown_local_recipient_reject_code = 554
> unknown_relay_recipient_reject_code = 554
> unknown_virtual_alias_reject_code = 554
> unknown_virtual_mailbox_reject_code = 554
> unverified_recipient_reject_code = 554
> unverified_sender_reject_code = 554
> virtual_alias_domains = example2.co.uk
> virtual_maps = hash:/etc/postfix/virtual
> ---------------------------------------------------------
>
> The virtual file contains things like
>
> la...@example.co.uk example
> i...@example.co.uk example
> @example2.co.uk example2 #(catch all)
>
> I have used postfix, postgrey, dovecot on a single domain for years with no
> problem. Only now when I try to add other domains to this server am I
> getting mail issues.
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
