----- Message from Simon Wilson <si...@simonandkate.net> ---------
Date: Tue, 23 Mar 2021 21:31:29 +1000
From: Simon Wilson <si...@simonandkate.net>
Reply-To: si...@simonandkate.net
Subject: Re: Setting up virtual alias domains and maps - failing to deliver
To: postfix-users@postfix.org
----- Message from Simon Wilson <si...@simonandkate.net> ---------
Date: Tue, 23 Mar 2021 17:45:56 +1000
From: Simon Wilson <si...@simonandkate.net>
Reply-To: si...@simonandkate.net
Subject: Setting up virtual alias domains and maps - failing to deliver
To: postfix-users@postfix.org
Following recommendation from Viktor, trying to set up virtual
alias domains.
Previous arrangement works fine: domains in mydestination, local
transport uses lmtp to cyrus. Here is an example of that
arrangement - sent off to Amavis, then off to lmtp for successful
delivery:
Mar 23 14:25:35 emp87 postfix/lmtp[327725]: E85581819E5:
to=<ka...@simonandkate.net>, relay=127.0.0.1[127.0.0.1]:10024,
delay=6.9, delays=2.3/0/0/4.6, dsn=2.0.0, status=sent (250 2.0.0
from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as
752C71819E6)
Mar 23 14:25:35 emp87 postfix/lmtp[327851]: 752C71819E6:
to=<ka...@simonandkate.net>,
relay=mail.simonandkate.net[/run/cyrus/socket/lmtp], delay=0.23,
delays=0.01/0/0/0.22, dsn=2.1.5, status=sent (250 2.1.5 Ok
SESSIONID=<cyrus-327579-1616473535-1-15937860855307597156>)
Changes:
mydestination - removed, left as default
virtual_alias_domains = simonandkate.lan, simonandkate.net, etc...
virtual_alias_maps = hash:/etc/postfix/virtual (and postmapped)
Removed all virtual alias domain entries from aliases and run newaliases
The domain alias appears valid:
[root@emp87 postfix]# postmap -q ka...@simonandkate.net
hash:/etc/postfix/virtual
katie
Save changes, postfix reload
Mar 23 14:46:48 emp87 postfix/lmtp[329453]: ED7531819E6:
to=<ka...@simonandkate.net>, relay=127.0.0.1[127.0.0.1]:10024,
delay=11, delays=2.4/0/0/8.6, dsn=2.0.0, status=sent (250 2.0.0
from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as
371701819EA)
Mar 23 14:46:48 emp87 postfix/error[329457]: 371701819EA:
to=<ka...@simonandkate.net>, relay=none, delay=0.02,
delays=0.01/0/0/0.01, dsn=5.1.1, status=bounced (User unknown in
virtual alias table)
So it initially accepts the email, sends to amavis, gets it back,
and then fails to deliver, bouncing with 'relay=none' and 'User
unknown in virtual alias table'.
How do I get that second step to deliver to lmtp?? I'm obviously
doing something fundamentally wrong with the setup, but I can't
pick it... so I have reverted back to using domains in
mydestination for now...
Simon
I've scaled back, taking on board Noel's suggestion of just using
virtual_alias_maps for the exceptions I need to rewrite, but *not*
moving any of the hosted domains from mydestination to
virtual_alias_domains.
That achieves what I need and works as expected.
I am still interested to know how to achieve the full
virtual_alias_domains setup if anyone can help on my problems noted
above.
Thanks
Simon
I worked it out. It was myorigin being one of the aliases - from
postconf -n below:
myorigin = simonandkate.net
Removed that and it all started to work.
Simon
[root@emp87 virtual-alias]# postconf -n
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases, hash:/etc/postfix/report_aliases
bounce_queue_lifetime = 3d
bounce_template_file = /etc/postfix/bounce.cf
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
compatibility_level = 0
content_filter = amavisfeed:[127.0.0.1]:10024
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
ddd $daemon_directory/$process_name $process_id & sleep 5
delay_warning_time = 2h
disable_vrfy_command = yes
html_directory = no
inet_protocols = ipv4
local_destination_concurrency_limit = 5
local_destination_recipient_limit = 300
mail_owner = postfix
mail_spool_directory = /var/spool/mail
mailbox_transport = lmtp:unix:/run/cyrus/socket/lmtp
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
masquerade_domains = !system.simonandkate.net, simonandkate.net,
simonandkate.lan
maximal_queue_lifetime = 3d
message_size_limit = 26214400
milter_default_action = accept
mua_client_restrictions =
mua_helo_restrictions =
mua_sender_restrictions =
myhostname = mail.simonandkate.net
mynetworks = 127.0.0.0/8, 192.168.1.0/24, 103.16.129.171
myorigin = simonandkate.net
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = $smtpd_milters
policyd-spf_time_limit = 3600
postscreen_access_list = permit_mynetworks,
cidr:/etc/postfix/postscreen_access.cidr
postscreen_blacklist_action = drop
postscreen_dnsbl_action = enforce
postscreen_dnsbl_sites = zen.spamhaus.org*3 bl.mailspike.net*2
b.barracudacentral.org*2 bl.spameatingmonkey.net bl.spamcop.net
dnsbl.sorbs.net hostkarma.junkemailfilter.com=127.0.0.2
hostkarma.junkemailfilter.com=127.0.0.4
hostkarma.junkemailfilter.com=127.0.1.2 psbl.surriel.com
swl.spamhaus.org*-4 list.dnswl.org=127.0.[2..15].0*-2
list.dnswl.org=127.0.[2..15].1*-3
list.dnswl.org=127.0.[2..15].[2..3]*-4
wl.mailspike.net=127.0.0.[17;18]*-1
wl.mailspike.net=127.0.0.[19;20]*-2
hostkarma.junkemailfilter.com=127.0.0.1*-1
postscreen_dnsbl_threshold = 3
postscreen_greet_action = enforce
queue_directory = /var/spool/postfix
recipient_delimiter = +
sender_canonical_maps = hash:/etc/postfix/sender_canonical
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtpd_client_restrictions =
smtpd_data_restrictions = reject_unauth_pipelining permit
smtpd_discard_ehlo_keywords = silent-discard, dsn
smtpd_helo_required = yes
smtpd_helo_restrictions =
smtpd_milters = inet:127.0.0.1:8893
smtpd_recipient_restrictions = check_client_access
hash:/etc/postfix/client_checks, permit_mynetworks,
check_recipient_access hash:/etc/postfix/recipient_access,
reject_unauth_destination, check_sender_access
hash:/etc/postfix/sender_access, reject_unauth_pipelining,
reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname,
reject_non_fqdn_sender, reject_unknown_sender_domain,
reject_non_fqdn_recipient, reject_unknown_recipient_domain,
reject_rbl_client zen.spamhaus.org, check_policy_service
unix:private/policyd-spf permit
smtpd_relay_restrictions =
smtpd_sasl_local_domain =
smtpd_sasl_path = smtpd
smtpd_sender_login_maps = hash:/etc/postfix/controlled_envelope_senders
smtpd_sender_restrictions =
smtpd_tls_CAfile = /etc/pki/tls/certs/hub.simonandkate.net-chain.pem
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/pki/tls/certs/hub.simonandkate.net-cert.pem
smtpd_tls_key_file = /etc/pki/tls/private/hub.simonandkate.net-key.pem
smtpd_tls_loglevel = 1
smtpd_tls_security_level = may
unknown_local_recipient_reject_code = 550
virtual_alias_domains = simonandkate.lan, simonandkate.net,
simonmwilson.net, domwilson.net, chiarina.net, benjwilson.net,
millikens.net, howiesue.net, tlchomeandyard.com.au, facetbd.net.au,
facetbd.com.au, facetbuildingdesign.net.au,
facetbuildingdesign.com.au
virtual_alias_maps = hash:/etc/postfix/virtual
----- End message from Simon Wilson <si...@simonandkate.net> -----
----- End message from Simon Wilson <si...@simonandkate.net> -----
--
Simon Wilson
M: 0400 12 11 16
