On 12/03/25 15:21, Gioele Pannetto via Postfix-users wrote:
Hi again,
I'm migrating an old mx to Postfix. This instance will be responsible
for inbound-only emails for various domains.
Note that every domain can have one or more domain aliases. This is my
simplified config:
virtual_mailbox_domains = proxy:mysql:/etc/postfix/sql/domains.cf
virtual_alias_domains = proxy:mysql:/etc/postfix/sql/domains_alias.cf
virtual_alias_maps = proxy:mysql:/etc/postfix/sql/aliased_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/sql/mailboxes.cf
domains.cf returns the real domains
domains_alias.cf returns the real domain of a domain alias
aliased_domains.cf is similar to domains_alias.cf but prepends an "@"
before the returned domain.
mailboxes.cf returns the user address if it exists. NOTE: It contains
only the addresses of real domains (it doesn't contain the aliased domains)
I'm testing this configuration but there is some problem with non
existing users of aliased domains. Example follows:
postfix.giopan.dev is an alias of giopan.dev.
If I try to send an email to nonexist...@giopan.dev Postfix correctly
returns the error "Recipient address rejected: User unknown in virtual
mailbox table".
If instead I try to send an email to nonexist...@postfix.giopan.dev
Postfix accepts the email with the aliased domain, and pass it to the
transport (which of course returns an error because it doesn't recognize
the address) so it logs:
4ZCXGM6pdSz1Brt: to=<nonexist...@giopan.dev>,
orig_to=<nonexist...@postfix.giopan.dev>, relay=x.x.x.x[x.x.x.x]:24,
delay=0.16, delays=0.14/0/0/0.02, dsn=5.1.1, status=bounced (host
x.x.x.x[x.x.x.x] said: 550 5.1.1 <nonexist...@giopan.dev> User doesn't
exist: nonexist...@giopan.dev (in reply to RCPT TO command))
This generate a bounce, which is not what I expected. I thought that
virtual_mailbox_maps would check the resolved address BEFORE passing the
email to the transport (so that the email would not be queued and
blocked in the MX at the RCPT TO command), but it seems that's not
working. Reading the docs virtual_mailbox_maps is described as "Optional
lookup tables with all valid addresses in the domains that match
$virtual_mailbox_domains.", both alias and real domain are present in
virtual_mailbox_domains, so I'm not understanding what I'm doing wrong.
If I try to "$ postmap -q nonexist...@giopan.dev mysql:/etc/postfix/sql/
mailboxes.cf" nothing is returned, so the query it's working as expected.
Thanks,
Gioele
Hi,
sorry for bumping this post but I made some consideration in the past
week, and maybe someone is now able to help me with this new information.
Reading the docs, this line in
(https://www.postfix.org/postconf.5.html#smtpd_reject_unlisted_recipient)
caught my attention:" An address is considered "unknown" when it does
not match a virtual(5) alias or canonical(5) mapping".
So if I'm understanding correctly /etc/postfix/sql/aliased_domains.cf
will always match because it maps the aliased domain to the real domain.
But what I'm not understanding it's in
(https://www.postfix.org/ADDRESS_CLASS_README.html#classes): " The
virtual alias domain class: [...] There is no configurable mail delivery
transport. Every address must be aliased to an address in some other
domain class.".
So what I think it's happening is:
- Postfix receives an aliased domain and matches in
virtual_alias_domains, so the address class is "virtual alias".
- Run the maps in virtual_alias_maps which map the aliased domain to
the real domain
- The domain now matches to virtual_mailbox_domains, so the address
class now becomes "virtual mailbox"
- (The part which I don't understand) Postfix skips
virtual_mailbox_maps and delivers directly to lmtp and generates the bounce.
Surely I'm missing something, but I spent the last 7 days behind this
issue :'(
_______________________________________________
Postfix-users mailing list -- postfix-users@postfix.org
To unsubscribe send an email to postfix-users-le...@postfix.org
