Not sure where I got it wrong.

I've configured postfix so that it works well when doing:

  1. Relaying/redirecting email from external sources to users' virtual mailboxes (e.g., to their Gmail account)
  2. Sending email from internal sources (e.g., server alert) to external mailboxes (e.g., to my personal email)

But it failed doing:

Sending email from internal sources (aforementioned server alert) to users' virtual mailboxes.

I got errors like this:

```
Jan 08 03:21:16 hermes postfix/qmgr[153]: CDBB11BC1A1F: from=<alerter@noreply.mycompany.com>, size=1012, nrcpt=1 (queue active)
Jan 08 03:21:16 hermes postfix/virtual[5307]: CDB4C1BC165E: to=<pepoluan@mycompany.com>, relay=virtual, delay=25790, delays=25790/0/0/0, dsn=4.3.5, status=deferred (mail system configuration error)
```

pepoluan@mycompany.com is relayed/redirected through virtual table to my personal mailbox.

Any pointers on where I should troubleshoot?


EDIT 1: Here's my main.cf:

```
maillog_file = /dev/stdout

smtp_helo_name = hermes
myorigin = localhost
myhostname = hermes.mycompany.com
mydestination = noreply.dto.kemkes.go.id
mydomain = noreply.mycompany.com

smtpd_banner = $myhostname ESMTP
biff = no
append_dot_mydomain = no
readme_directory = no

compatibility_level = 2

smtpd_tls_session_cache_database = lmdb:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = lmdb:${data_directory}/smtp_scache
smtpd_tls_chain_files =
        ${config_directory}/star_mycompany_com.pem
smtpd_tls_security_level = may

transport_maps =
        sqlite:/etc/postfix/transport-sqlite.cf

# Don't accept mail from domains that don't exist.
smtpd_sender_restrictions =
        check_sender_access sqlite:/etc/postfix/sender-sqlite.cf
        reject_unknown_sender_domain
smtpd_relay_restrictions =
        permit_sasl_authenticated
        reject_unauth_destination

# Consult database on how to 'canonicalize' sender address.
# If database lookup fails, consult the milter. (In our case, is postsrsd)
# Refs:
#   - https://github.com/roehling/postsrsd
#   - https://serverfault.com/a/780367/15440
sender_canonical_maps = sqlite:/etc/postfix/canonical-sqlite.cf, tcp:127.0.0.1:10001
sender_canonical_classes = envelope_sender

# For receiving emails
smtpd_recipient_restrictions =
        permit_sasl_authenticated
        check_recipient_access sqlite:/etc/postfix/recipients-sqlite.cf
        permit_auth_destination

virtual_mailbox_domains = mycompany.com
virtual_mailbox_maps = sqlite:/etc/postfix/virtual-sqlite.cf
virtual_mailbox_base = /var/mail
virtual_alias_maps = sqlite:/etc/postfix/alias-sqlite.cf

# alias_maps = lmdb:/etc/aliases
# alias_database = lmdb:/etc/aliases
relayhost =
mynetworks = 127.0.0.0/8 192.168.0.0/16
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4

smtpd_tls_auth_only = no

smtp_use_tls = no
smtpd_use_tls = no

smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous

# DKIM
milter_default_action = accept
milter_protocol = 2
smtpd_milters = unix:/run/opendkim/opendkim.sock

postscreen_upstream_proxy_protocol = haproxy
```
pepoluan
  • If I read correctly, you have arrived at 4k points, then you should know about: Questions seeking installation, configuration or diagnostic help must include the desired end state, the specific problem or error, sufficient information about the configuration and environment to reproduce it, and attempted solutions. Questions without a clear problem statement are not useful to other readers and are unlikely to get good answers. ;) – djdomi Jan 08 '22 at 10:44
  • @djdomi I could've sworn I've edited the question to include my main.cf... strange it does not appear. Let me re-edit the question. – pepoluan Jan 09 '22 at 07:27
  • Can you add your internal domain to `debug_peer_list` and retry, then post the error log? – another victim of the mouse Jan 13 '22 at 04:28
  • @anothervictimofthemouse Okay, let me try that, and afterwards I'll edit my question – pepoluan Jan 13 '22 at 06:54
  • It is about the **content** of your sqlite tables relating to either the domain, the mail address or the mailbox for those. And then the permissions to write to the mailbox. – mailq Jan 14 '22 at 00:20
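
As an added example (not part of the original question or its comments), here is a small Python parser for Postfix delivery log lines like the deferral quoted in the question. It splits `delays=` into its four stages and reads the DSN class to show where delivery stopped; the function names `parse_delivery` and `triage` are hypothetical.

```python
import re

# Deferral line copied from the question above.
SAMPLE = (
    "Jan 08 03:21:16 hermes postfix/virtual[5307]: CDB4C1BC165E: "
    "to=<pepoluan@mycompany.com>, relay=virtual, delay=25790, "
    "delays=25790/0/0/0, dsn=4.3.5, status=deferred "
    "(mail system configuration error)"
)

LINE_RE = re.compile(
    r"postfix/(?P<daemon>[\w-]+)\[\d+\]: (?P<qid>[0-9A-F]+): "
    r"to=<(?P<rcpt>[^>]*)>, (?P<fields>.*?), "
    r"status=(?P<status>\w+) \((?P<reason>.*)\)$"
)
# Postfix logs delays=a/b/c/d: time before the queue manager, time in the
# queue manager, connection setup, and message transmission (seconds).
STAGES = ("before_qmgr", "in_qmgr", "conn_setup", "transmission")
# First digit of the enhanced status code (RFC 3463 class).
DSN_CLASS = {"2": "success", "4": "transient", "5": "permanent"}


def parse_delivery(line):
    """Return a dict for one delivery-agent log line, or None if no match."""
    m = LINE_RE.search(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    fields = dict(kv.split("=", 1) for kv in rec.pop("fields").split(", ") if "=" in kv)
    rec["relay"] = fields.get("relay", "")
    rec["dsn"] = fields.get("dsn", "")
    rec["dsn_class"] = DSN_CLASS.get(rec["dsn"][:1], "unknown")
    rec["delays"] = dict(zip(STAGES, map(float, fields.get("delays", "0/0/0/0").split("/"))))
    return rec


def triage(rec):
    """Say where delivery stopped; the log line alone does not say why."""
    d = rec["delays"]
    # Remote deliveries log relay=host[ip]:port; a bare name is a local agent.
    local_agent = rec["relay"] not in ("", "none") and "[" not in rec["relay"]
    if rec["status"] == "deferred" and local_agent and d["conn_setup"] == d["transmission"] == 0:
        return (f"{rec['relay']}: {rec['dsn_class']} failure inside the local delivery "
                f"agent, waited {d['before_qmgr']:.0f}s before this attempt")
    return f"{rec['relay']}: status={rec['status']} dsn={rec['dsn']} ({rec['dsn_class']})"


if __name__ == "__main__":
    print(triage(parse_delivery(SAMPLE)))
```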

0 Answers