After many years I noticed in my current config that the local users aren't working properly.
Specifically I have a hostname in "mydestination" (h7.zynet2.co.uk) and I want to accept email for "r...@h7.zynet2.co.uk" This email is currently delivered correctly if submitted from a trusted user or address, but rejected by the SMTP recipient check if sent from outside. So I think I want an addition/correction to the "smtpd_recipient_restrictions" that will accept valid local addresses before I check the virtual users (permit_auth_destination causes Postfix to accept and bounce email for non-existent addresses in virtual_alias_domains, but otherwise appears to work as expected), or a correction to the valid user check. All local users are currently in "/etc/aliases" map, and all these map eventually to addresses that are not local (either remote users or virtual mailbox users), so "local" is a bit of a misnomer here. I have: virtual_alias_maps, virtual_alias_domains -- postgres lookups that returns virtual aliases for which we do forwarding or similar. At the end of "smtpd_recipient_restrictions" I have a call a postgres map that returns "OK" for good virtual addresses and "REJECT" for non-existent virtual addresses (if that right?). virtual_mailbox_maps (and friends) allow delivery to mailboxes for people whom we are final destination. transport_map -- list of domains and addresses, one domain of which we extract 200 addresses for delivery via SMTP transport, the rest we ship off to "local". I have a note in the Postgres user validation function that says "Postfix 2.2 has some new functionality that should obselete this", but I didn't have the good sense to write down what that new feature was. Does anyone know what Postfix 2.2 feature I probably meant? Is it obvious what I did wrong? Is it just the "REJECT" on not matching a virtual_alias? I'm tempted to move all the content of mydestination and /etc/aliases into the Postgres database of "virtual_alias", which I can probably make work easily enough. But I'm sure there is a "postfix way" of achieving what I intended. postconf -n (softbounce because I've been fiddling - but I think this is back how it was). alias_database = hash:/etc/aliases alias_maps = hash:/etc/aliases append_dot_mydomain = no biff = no config_directory = /etc/postfix default_process_limit = 200 disable_vrfy_command = yes header_checks = regexp:/etc/postfix/header_checks home_mailbox = Maildir/ html_directory = /usr/share/doc/postfix/html inet_interfaces = all inet_protocols = ipv4 mailbox_size_limit = 51200000 message_size_limit = 20000000 mydestination = localhost.localdomain localhost.localdomain localhost h7.zynet2.co.uk myhostname = h7.zynet2.co.uk mynetworks = 127.0.0.0/8, 212.24.80.0/27, 212.24.80.32/27, 212.24.80.64/27 myorigin = /etc/mailname proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks proxy:pgsql:/etc/postfix/pgsql-valid-rcpt.cf readme_directory = /usr/share/doc/postfix recipient_delimiter = - relayhost = smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU) smtpd_client_restrictions = cidr:/etc/postfix/cidr-badips smtpd_delay_reject = yes smtpd_hard_error_limit = 10 smtpd_helo_required = yes smtpd_helo_restrictions = permit_mynetworks, check_helo_access hash:/etc/postfix/helo_access, permit smtpd_junk_command_limit = 10 smtpd_recipient_restrictions = permit_mynetworks, reject_rbl_client zen.spamhaus.org, check_policy_service inet:127.0.0.1:60000, check_recipient_access hash:/etc/postfix/relay-domains, check_recipient_access proxy:pgsql:/etc/postfix/pgsql-valid-rcpt.cf, reject_unauth_destination smtpd_sender_restrictions = hash:/etc/postfix/access, reject_unknown_sender_domain soft_bounce = yes transport_maps = hash:/etc/postfix/transport unknown_address_reject_code = 554 virtual_alias_domains = proxy:pgsql:/etc/postfix/pgsql-email-virt-domains.cf virtual_alias_maps = proxy:pgsql:/etc/postfix/pgsql-email-virtual.cf virtual_gid_maps = static:5000 virtual_mailbox_base = /var/spool/mail virtual_mailbox_domains = pop.mail.zynet.net virtual_mailbox_maps = hash:/etc/postfix/vmailbox virtual_minimum_uid = 100 virtual_uid_maps = static:5000
