> On Oct 27, 2017, at 9:32 AM, 9acca9 <[email protected]> wrote:
>
> Recipient address rejected: User unknown in local recipient table
>
> of course the "user" is not know by postfix or that server, I want postfix
> to deliver this mail to zimbra, who knows them.
Remove the recipient domain from "mydestination" and add it
to "relay_domains". On a pure relay system, with no local
mailboxes
main.cf:
# Convenience macro
indexed = ${default_database_type}:${config_directory}/
mydestination =
alias_database =
alias_maps = $alias_database
local_recipient_maps =
local_transport = error:5.1.2 Mailbox unavailable
# One or more relayed domains
#
relay_domains = example.com
# If inbound relaying is not always MX based, use a
# transport table
#
# transport_maps = ${indexed}transport
# Alternatively, if all inbound domains hit the same relay
# Just specify the relay in main.cf:
#
# relay_transport = relay:[relay.example.com]
# Consider mandatory TLS for relay traffic
#
smtp_tls_policy_maps = ${indexed}tls-policy
smtp_tls_loglevel = 1
smtp_tls_security_level = may
# Or instead:
#
# smtp_tls_security_level = dane
## Ensure /etc/resolv.conf has just: nameserver 127.0.0.1
## And resolver is doing DNSSEC validation, and tracks
## RFC5011 root KSK rollovers reliably.
## See:
##
## https://www.icann.org/news/announcement-2017-09-27-en
#
# smtp_dns_support_level = dnssec
# See
http://www.postfix.org/postconf.5.html#parent_domain_matches_subdomains
# Consider setting entirely empty at the cost of adding each blocked
subtree
# of DNS twice: "example.com REJECT ..." and ".example.com REJECT ..."
#
parent_domain_matches_subdomains = smtpd_access_maps
transport:
example.com relay:[relay.example.com]
tls-policy:
# Or "secure" if you're comfortable enough with PKI,
# or even "dane" or "dane-only"
#
[relay.example.com] encrypt
--
Viktor.
