Postfix noqueue reject

Question

I have own a vServer and multiple domains. The server is mainly used for Websites but I've also set up postfix and dovecot to deliver mail. Everything is working as expected. Even for different domains I am able to add user, alias and domain in a MySQL database, send and receive mail.
Everyday I find this strange entry in my mail.log:

postfix/smtpd[29295]: NOQUEUE: reject: RCPT from mx1.tld-mx.com[41.222.33.24]: 550 5.1.1 <canit_verification_check_dont_panicebfeaa@mydomain.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<canit_system_check@roaringpenguin.com> to=<canit_verification_check_dont_panicebfeaa@mydomain.com> proto=ESMTP helo=<mx1.tld-mx.com>

This log message appears every morning at about 4:35 server time and I really don't know what to do with it. Have I configured my server in any wrong way? Or is this a bot scanning my machine?

My main.cf

# cat /etc/postfix/main.cf
# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# TLS parameters
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

myhostname = mydomain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
#mydestination = example.com, hostname.example.com, localhost.example.com, localhost
mydestination = localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all

smtpd_tls_cert_file = /root/CA/certs/server.crt
smtpd_tls_key_file = /root/CA/private/server.key
smtpd_tls_CAfile = /root/CA/certs/ca.crt
smtpd_use_tls = yes
smtpd_tls_auth_only= yes

#Enabling SMTP for authenticated users, and handing off authentication to Dovecot
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
smtpd_sasl_auth_enable = yes

smtpd_recipient_restrictions =
    permit_sasl_authenticated,
    permit_mynetworks,
    reject_unauth_destination,
    reject_unlisted_recipient

#Handing off local delivery to Dovecot's LMTP, and telling it where to store mail
virtual_transport = lmtp:unix:private/dovecot-lmtp

#Virtual domains, users, and aliases
virtual_mailbox_domains = mysql:/etc/postfix/mysql-virtual-mailbox-domains.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-mailbox-maps.cf
virtual_alias_maps = mysql:/etc/postfix/mysql-virtual-alias-maps.cf

Answer 1

That log entry looks completely fine.

On a technical level your server gets an email for an invalid recipient address and rejects it.

The address (and daily recurrence) implies that someone is deliberately checking for misconfiguration. Maybe your vServer provider checks to prevent problems with accidental catch-all domains or open relays.

Answer 2

This is a check performed by the CanIt Reputation list; it basically ensures that you're not an open relay as if your server would have accepted the mail and delivered it back to their servers you would end up on their Blacklist (OpenRelay).

You can safely ignore these entries along with others containing the Recipient address rejected: User unknown in virtual mailbox table;