Search code examples
mysqlpostfix-mta

Postfix: Virtual domain, mailbox, alias: unknown user for locally generated mails (using sendmail)


I have a server with Postfix 2.9.6 and virtual users, domains and aliases with MySQL. When I send a mail to an alias from another mail server or using system's MUA (Squirrel or Thunderbird), the mail is correctly delivered to the GOTO of the alias. But when the mail is sent from the server (for example, using fail2ban's mail action, or just sendmail), the server responds with an 'Undelivered Mail Returned to Sender' and unknown user as description.

What am I doing wrong? Where can I continue debugging? (I've made a lot of tests and searches, with no clue).

I believe MySQL's config files are not needed, as they work well when the mail is originated outside the server, or even from an existing local user using any MUA. Either way, they are the standard for virtual users, and the connection to MySQL is working for sure.

postconf -n:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
default_destination_concurrency_limit = 20
default_destination_recipient_limit = 600
defer_transports = hold
disable_vrfy_command = no
header_size_limit = 102400
hopcount_limit = 50
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
inet_protocols = all
initial_destination_concurrency = 35
local_destination_concurrency_limit = 20
mailbox_size_limit = 0
maximal_queue_lifetime = 2d
message_size_limit = 36909875
mydestination = MY-HOSTNAME.example.com, old-name.example.com, localhost.localdomain, localhost
myhostname = MY-HOSTNAME.example.com
mynetworks = 127.0.0.0/8
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
readme_directory = /usr/share/doc/postfix
recipient_bcc_maps = regexp:/etc/postfix/recipient_bcc
recipient_delimiter = +
relayhost =
sender_bcc_maps = regexp:/etc/postfix/sender_bcc
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP
smtpd_client_restrictions = permit_sasl_authenticated check_client_access hash:/etc/postfix/access_client reject_rbl_client sbl-xbl.spamhaus.org reject_rbl_client bl.spamcop.net reject_rbl_client cbl.abuseat.org
smtpd_data_restrictions = permit_mynetworks permit_sasl_authenticated check_client_access regexp:/etc/postfix/add_auth_header.regexp reject_unauth_pipelining
smtpd_delay_reject = yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated check_recipient_access hash:/etc/postfix/access_recipient check_recipient_access regexp:/etc/postfix/filter-filtra.regexp reject_non_fqdn_recipient reject_unknown_recipient_domain reject_unauth_destination reject_unverified_recipient check_policy_service inet:127.0.0.1:60000
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sender_restrictions = permit_mynetworks permit_sasl_authenticated check_client_access hash:/etc/postfix/access_client check_sender_access hash:/etc/postfix/access_sender reject_rbl_client bl.spamcop.net reject_rbl_client sbl-xbl.spamhaus.org reject_non_fqdn_sender reject_rbl_client bb.barracudacentral.org reject_unknown_sender_domain
smtpd_tls_cert_file = /etc/ssl/private/multidomain.pem
smtpd_tls_key_file = /etc/ssl/private/multidomain.key
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
tcp_windowsize = 14000
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550
unknown_relay_recipient_reject_code = 550
unknown_virtual_alias_reject_code = 550
unknown_virtual_mailbox_reject_code = 550
unverified_recipient_reject_code = 550
unverified_sender_reject_code = 450
vacation_destination_recipient_limit = 1
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf regexp:/etc/postfix/aliases-regexp
virtual_gid_maps = static:89
virtual_mailbox_base = /home/vpopmail/domains
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 1024000000
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_limit_override = yes
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_maildir_extended = yes
virtual_maildir_limit_message = Sorry, the user's maildir has no space available in their inbox.
virtual_minimum_uid = 89
virtual_overquota_bounce = yes
virtual_transport = virtual
virtual_uid_maps = static:89

/etc/postfix/transport:

autoreply.example.com        vacation:

/etc/postfix/aliases-regexp:

/user[0-9]{4}@example\.com/ [email protected]

/etc/postfix/filter-filtra.regexp:

/[email protected]/ FILTER smtp-amavis:[127.0.0.1]:10026
/^/ FILTER smtp-amavis:[127.0.0.1]:10024

Solution

  • I found the problem (and the solution!) by myself :)

    In master.cf, the pickup service had an extra configuration option which redirected the cleanup to a pre-cleanup, which has virtual aliases disabled (following something similar to https://amavis.org/README.postfix.html#d0e1038 ). Just commenting the pre-cleanup option (letting the pickup to use normal cleanup service) corrected the problem.

    Previous to the change (erroneous):

    pickup  fifo    n       -       -       60      1       pickup
       -o cleanup_service_name=pre-cleanup
    

    After the change (correct):

    pickup  fifo    n       -       -       60      1       pickup
    #   -o cleanup_service_name=pre-cleanup