Postfix not rejecting unknown user

Question

So Far

This answer has been helpful

https://serverfault.com/a/793202/604224

The Issue

I have been configuring a virtual mailbox in a virtualbox for testing, however it seems to accept all users even ones not defined in virtual_mailbox_maps, this is despite clearing mydestination (so it is not processed as a local mail) and adding some smtpd_recipient_restrictions

When I test send mail to a non existant mailbox (but exiting domain) such as

echo "This is the body of the email" | mail -s "This is the subject line" noemail@laravel8.test

/var/log/maillog shows

postfix/qmgr[14474]: E890D1883308: from=<root@laravel8.test>, size=470, nrcpt=1 (queue active)
E890D1883308: to=<noemail@laravel8.test>, relay=myhook, delay=0.6, delays=0.03/0.01/0/0.56, dsn=2.0.0, status=sent (delivered via myhook service)

Meaning it was accepted and sent to virtual transport without rejecting.

Would love some help

Config

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
command_directory = /usr/sbin
compatibility_level = 2
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
meta_directory = /etc/postfix
mydestination =
mydomain = laravel8.test
myhostname = laravel8.test
mynetworks_style = class
myorigin = $myhostname
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix/README_FILES
sample_directory = /usr/share/doc/postfix/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
shlib_directory = /usr/lib64/postfix
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtp_tls_CApath = /etc/pki/tls/certs
smtp_tls_security_level = may
smtpd_recipient_restrictions = reject_unknown_recipient_domain reject_unauth_destination reject_unverified_recipient
smtpd_tls_cert_file = /etc/pki/tls/certs/postfix.pem
smtpd_tls_key_file = /etc/pki/tls/private/postfix.key
smtpd_tls_security_level = may
unknown_local_recipient_reject_code = 550
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-email2email.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_transport = myhook:dummy

mysql files config

virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-email2email.cf

user = root
password =
hosts = 127.0.0.1
dbname = laravel
query = SELECT CONCAT(account, '@', domain) FROM mailbox WHERE account='%u' AND domain='%d'

virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf

user = root
password =
hosts = 127.0.0.1
dbname = laravel
query = SELECT domain FROM mailbox WHERE domain='%s' LIMIT 1

virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf

user = root
password =
hosts = 127.0.0.1
dbname = laravel
query = SELECT 1 FROM mailbox WHERE account='%u' AND domain='%d'

Answer 1

The problem is this config line

smtpd_recipient_restrictions = reject_unknown_recipient_domain reject_unauth_destination reject_unverified_recipient

You have to check the recipient adress in your restrictions. Look at the check_recipient_access configuration parameter:

smtpd_recipient_restrictions = 
    reject_unknown_recipient_domain,
    reject_unauth_destination,
    reject_unverified_recipient,
    check_recipient_access mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf