I have a problem for which I cannot find a cause, aliases seem to have stopped 
working. Could somebody help me debug this.

My setup is fairly simple Debian (Jessie) with Postfix, Dovecot, Amavisd-new, 
Postgrey, Postfixadmin and PostgreSQL.

I recently modified main.cf by adding a couple of lines. But I found that there 
was a problem getting email on cell phones as a result. So I removed the 
changes by commenting them out. A comparison of main.cf before and after all of 
the changes is shown in the patch below.

@@ -53,6 +53,9 @@
   smtpd_tls_cert_file = /root/ssl/certs/$mydomain.mail.pem
   smtpd_tls_key_file = /root/ssl/private/$mydomain.mail.key
   smtpd_tls_received_header = yes
+#smtpd_tls_exclude_ciphers = EXPORT, LOW, IDEA, 3DES
+
+#tls_preempt_cipherlist = yes
   virtual_mailbox_domains = proxy:pgsql:/etc/postfix/sql/virtual_domain_map.sql
   virtual_alias_maps      = proxy:pgsql:/etc/postfix/sql/virtual_alias_map.sql,

Prior to these changes everything seemed to work normally.
Subsequent to all of these changes aliases do not seem to work, for example:

[email protected] has/is an alias of [email protected] cause a 550 result.

if you look at the log extract attached Postfix accepts an email for 
"[email protected]" from gmail and eventually hands it off to Dovecot for final 
delivery using LMTP.
The problem is that the address is wrong, I thought it should have been "rewritten" by 
this point, it should to going "[email protected]".
Dovecot then quite correctly rejects it with a 550 code, as the user root does 
not exist.
Why did the address not get rewritten?

All addresses and aliases are stored in the PostfixAdmin PostgreSQL database. 
If I run the various SQL queries against the database using PostgreSQL and/or 
postmap they all seem to return the expected results.
For the example given, if I run postmap -q "[email protected]" 
pgsql:/etc/postfix/sql/virtual_alias_map.sql the answer is "[email protected]"

How do I find find out why aliasing seems to have stopped working.

--
John Allen
KLaM
-----------------------------------------
In the world of the internet,
if you're not paying for something,
you're not the customer
you are the product.
attrib: blue_beetle
Feb 22 08:04:15 bilbo postfix/smtpd[12361]: connect from 
mail-la0-x22b.google.com[2a00:1450:4010:c03::22b]
Feb 22 08:04:17 bilbo postgrey[1375]: action=pass, reason=client whitelist, 
client_name=mail-la0-x22b.google.com, client_address=2a00:1450:4010:c03::22b, 
[email protected], [email protected]
Feb 22 08:04:17 bilbo postfix/smtpd[12361]: 51CDB3640514: 
client=mail-la0-x22b.google.com[2a00:1450:4010:c03::22b]
Feb 22 08:04:17 bilbo postfix/cleanup[12369]: 51CDB3640514: 
message-id=<CAMUEqxKtBt=tvZKLG=jat9je6rkguwqw-ylmakhdymm1w5m...@mail.gmail.com>
Feb 22 08:04:17 bilbo postfix/qmgr[7307]: 51CDB3640514: 
from=<[email protected]>, size=2151, nrcpt=1 (queue active)
Feb 22 08:04:17 bilbo postfix/smtpd[12361]: disconnect from 
mail-la0-x22b.google.com[2a00:1450:4010:c03::22b]
Feb 22 08:04:18 bilbo postfix/smtpd[12374]: connect from localhost[127.0.0.1]
Feb 22 08:04:18 bilbo postfix/smtpd[12374]: 5543C3640DA1: 
client=localhost[127.0.0.1]
Feb 22 08:04:18 bilbo postfix/cleanup[12375]: 5543C3640DA1: 
message-id=<CAMUEqxKtBt=tvZKLG=jat9je6rkguwqw-ylmakhdymm1w5m...@mail.gmail.com>
Feb 22 08:04:18 bilbo postfix/qmgr[7307]: 5543C3640DA1: 
from=<[email protected]>, size=2663, nrcpt=1 (queue active)
Feb 22 08:04:18 bilbo postfix/smtp[12371]: 51CDB3640514: to=<[email protected]>, 
relay=127.0.0.1[127.0.0.1]:10024, delay=1.6, delays=0.78/0.01/0.01/0.82, 
dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 
Ok: queued as 5543C3640DA1)
Feb 22 08:04:18 bilbo postfix/qmgr[7307]: 51CDB3640514: removed
Feb 22 08:04:18 bilbo dovecot: lmtp(12377): Connect from local
Feb 22 08:04:18 bilbo postfix/lmtp[12376]: 5543C3640DA1: to=<[email protected]>, 
relay=smtp.klam.ca[private/dovecot-lmtp], delay=0.32, 
delays=0.24/0.01/0.01/0.06, dsn=5.1.1, status=bounced (host 
smtp.klam.ca[private/dovecot-lmtp] said: 550 5.1.1 <[email protected]> User doesn't 
exist: [email protected] (in reply to RCPT TO command))
Feb 22 08:04:18 bilbo dovecot: lmtp(12377): Disconnect from local: Successful 
quit
Feb 22 08:04:18 bilbo postfix/cleanup[12375]: A0EFC3640DAE: 
message-id=<[email protected]>
Feb 22 08:04:18 bilbo postfix/bounce[12378]: 5543C3640DA1: sender non-delivery 
notification: A0EFC3640DAE
Feb 22 08:04:18 bilbo postfix/qmgr[7307]: A0EFC3640DAE: from=<>, size=4632, 
nrcpt=1 (queue active)
Feb 22 08:04:18 bilbo postfix/qmgr[7307]: 5543C3640DA1: removed
Feb 22 08:04:20 bilbo postfix/smtp[12380]: A0EFC3640DAE: 
to=<[email protected]>, relay=gmail-smtp-in.l.google.com[173.194.68.26]:25, 
delay=2.2, delays=0.08/0.01/0.95/1.1, dsn=2.0.0, status=sent (250 2.0.0 OK 
1424610260 i204si25002414qhc.40 - gsmtp)
Feb 22 08:04:20 bilbo postfix/qmgr[7307]: A0EFC3640DAE: removed
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
bounce_size_limit = 65536
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
default_process_limit = 20
delay_warning_time = 12h
disable_vrfy_command = yes
header_size_limit = 32768
home_mailbox = Maildir/
mailbox_transport = lmtp:unix:private/dovecot-lmtp
message_size_limit = 32768000
mydestination = localhost, localhost.localdomain, localdomain
mydomain = klam.ca
myhostname = smtp.$mydomain
mynetworks = 127.0.0.0/8, [::1]/128
myorigin = $mydomain
recipient_delimiter = +
relocated_maps = hash:/etc/postfix/maps/relocated
smtp_dns_support_level = dnssec
smtp_tls_mandatory_protocols = !SSLv2 !SSLv3
smtp_tls_security_level = dane
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP
smtpd_client_restrictions =
smtpd_data_restrictions = reject_multi_recipient_bounce, 
reject_unauth_pipelining
smtpd_error_sleep_time = 5s
smtpd_etrn_restrictions = reject
smtpd_helo_required = yes
smtpd_helo_restrictions =
smtpd_recipient_limit = 128
smtpd_recipient_restrictions = reject_invalid_hostname, 
reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_non_fqdn_recipient, 
reject_unknown_sender_domain, reject_unknown_recipient_domain, 
permit_sasl_authenticated, reject_unauth_destination, check_recipient_access 
pcre:/etc/postfix/maps/recipient_checks.pcre, check_recipient_access 
hash:/etc/postfix/maps/recipient_checks, check_helo_access 
pcre:/etc/postfix/maps/helo_checks.pcre, check_sender_access 
hash:/etc/postfix/maps/sender_checks, check_policy_service 
inet:127.0.0.1:10023, reject_rbl_client zen.spamhaus.org, reject_rbl_client 
bl.spamcop.net
smtpd_relay_restrictions = permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $mydomain
smtpd_sasl_path = private/dovecot-auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions =
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /root/ssl/certs/$mydomain.mail.pem
smtpd_tls_key_file = /root/ssl/private/$mydomain.mail.key
smtpd_tls_mandatory_protocols = !SSLv2 !SSLv3
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
strict_rfc821_envelopes = yes
transport_maps = hash:/etc/postfix/maps/transport
vacation_destination_recipient_limit = 1
virtual_alias_maps = proxy:pgsql:/etc/postfix/sql/virtual_alias_map.sql, 
proxy:pgsql:/etc/postfix/sql/virtual_alias_domain_map.sql
virtual_mailbox_domains = proxy:pgsql:/etc/postfix/sql/virtual_domain_map.sql
virtual_mailbox_maps = proxy:pgsql:/etc/postfix/sql/virtual_mailbox_map.sql, 
proxy:pgsql:/etc/postfix/sql/virtual_alias_domain_mailbox_map.sql
virtual_transport = lmtp:unix:private/dovecot-lmtp
smtp       inet  n       -       n       -       -       smtpd -o 
cleanup_service_name=pre-cleanup
pickup     fifo  n       -       n       60      1       pickup -o 
cleanup_service_name=pre-cleanup
submission inet  n       -       n       -       30      smtpd -o 
syslog_name=postfix/submission -o smtpd_tls_security_level=encrypt -o 
smtpd_sasl_auth_enable=yes -o 
smtpd_relay_restrictions=permit_sasl_authenticated,reject -o 
smtpd_recipient_restrictions=permit_sasl_authenticated,reject -o 
smtpd_client_connection_count_limit=15 -o smtpd_client_connection_rate_limit=80 
-o smtpd_delay_reject=yes -o cleanup_service_name=pre-cleanup
qmgr       fifo  n       -       n       300     1       qmgr
tlsmgr     unix  -       -       n       1000?   1       tlsmgr
rewrite    unix  -       -       n       -       -       trivial-rewrite
bounce     unix  -       -       n       -       0       bounce
defer      unix  -       -       n       -       0       bounce
trace      unix  -       -       n       -       0       bounce
verify     unix  -       -       n       -       1       verify
flush      unix  n       -       n       1000?   0       flush
proxymap   unix  -       -       n       -       -       proxymap
proxywrite unix  -       -       n       -       1       proxymap
smtp       unix  -       -       n       -       -       smtp -o 
smtp_bind_address=74.116.186.178 -o smtp_bind_address6=2001:470:b183:10::178
relay      unix  -       -       n       -       -       smtp
showq      unix  n       -       n       -       -       showq
error      unix  -       -       n       -       -       error
retry      unix  -       -       n       -       -       error
discard    unix  -       -       n       -       -       discard
local      unix  -       n       n       -       -       local
virtual    unix  -       n       n       -       -       virtual
lmtp       unix  -       -       n       -       -       lmtp
anvil      unix  -       -       n       -       1       anvil
scache     unix  -       -       n       -       1       scache
smtp-amavis unix -       -       n       -       4       smtp -o 
smtp_data_done_timeout=1200 -o smtp_send_xforward_command=yes -o 
smtp_tls_note_starttls_offer=no
127.0.0.1:10025 inet n   -       n       -       -       smtpd -o 
content_filter= -o mynetworks=127.0.0.0/8 -o smtpd_delay_reject=no -o 
smtpd_client_restrictions=permit_mynetworks,reject -o smtpd_helo_restrictions= 
-o smtpd_sender_restrictions= -o 
smtpd_relay_restrictions=permit_mynetworks,reject -o 
smtpd_recipient_restrictions=permit_mynetworks,reject -o 
smtpd_data_restrictions=reject_unauth_pipelining -o 
smtpd_end_of_data_restrictions= -o smtpd_restriction_classes= -o 
smtpd_error_sleep_time=0 -o smtpd_soft_error_limit=1001 -o 
smtpd_hard_error_limit=1000 -o smtpd_client_connection_count_limit=0 -o 
smtpd_client_connection_rate_limit=0 -o local_header_rewrite_clients= -o 
local_recipient_maps= -o 
receive_override_options=no_header_body_checks,no_unknown_recipient_checks,no_milters,no_address_mappings
 -o smtpd_tls_security_level=none -o local_recipient_maps= -o 
relay_recipient_maps=
pre-cleanup unix n       -       n       -       0       cleanup -o 
virtual_alias_maps=
cleanup    unix  n       -       n       -       0       cleanup -o 
mime_header_checks= -o nested_header_checks= -o header_checks= -o body_checks=
vacation   unix  -       n       n       -       -       pipe flags=DRhu 
user=vacation argv=/var/spool/vacation/vacation.pl -f ${sender} -- ${recipient}
user = mail_app
password = liverpool
hosts = localhost
dbname = postfixadmin
query = SELECT maildir from mailbox,alias_domain WHERE 
alias_domain.alias_domain = '%d' AND mailbox.username = '%u' || '@' || 
alias_domain.target_domain AND mailbox.active = TRUE AND alias_domain.active = 
TRUE
user = mail_app
password = liverpool
hosts = localhost
dbname = postfixadmin
query = SELECT goto FROM alias,alias_domain WHERE alias_domain.alias_domain = 
'%d' AND alias.address = '%u' || '@' || alias_domain.target_domain AND 
alias.active = TRUE and alias_domain.active = TRUE
user = mail_app
password = liverpool
hosts = localhost
dbname = postfixadmin
query = SELECT goto FROM alias WHERE address='%s' AND active = TRUE
user = mail_app
password = liverpool
hosts = localhost
dbname = postfixadmin
query = SELECT domain FROM domain WHERE domain = '%s' AND backupmx = FALSE AND 
active = TRUE
user = mail_app
password = liverpool
hosts = localhost
dbname = postfixadmin
query = SELECT maildir FROM mailbox WHERE username = '%s' AND active = TRUE

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to