On Sat, Sep 28, 2019 at 03:55:04PM +0000, Nicolas Breuer wrote:
> I'm not sure you understand the issue.
Sadly, you've got the wrong end of the stick. Your logs start with:
Sep 28 11:12:35 ns2 postfix/smtpd[16268]: generic_checks:
name=permit_mynetworks status=1
Sep 28 11:12:35 ns2 postfix/smtpd[16268]: >>> END Recipient address
RESTRICTIONS <<<
The client is trusted, and so allowed to send to *any* (potentially
remote) address. THe logs then continue with:
Sep 28 11:12:35 ns2 postfix/smtpd[16268]: >>> CHECKING Recipient address
VALIDATION MAPS <<<
but since the recipient is NOT listed in any relay or final domain,
recipient validation does not apply.
> If the domain is not present in domain file, should be rejected with (MX
> loops back to me)
No.
> If the email is not in virtual, should be rejected with (user unknown)
No, that only happens when the recipient domain is in
virtual_alias_domains, which was not the case, and the address is
not found in virtual_alias_maps (also not the case).
Sep 28 11:12:35 ns2 postfix/smtpd[16268]: maps_find: virtual_alias_maps:
... = root
To reproduce recipient rejection try either:
- Send from a client *not* listed in mynetworks, and
the recipient domain not in virtual_alias_domains,
relay_domains, ...
OR
- Add the recipient domain to virtual_alias_domains,
and make sure the recipient address is not listed
in virtual_alias_maps, canonical_maps, ...
--
Viktor.
