# [SOLVED]Postfix Local transport not receiving mail

## FuriousGeorge

I followed the Official Virtual Mailhosting System with Postfix Guide, and it almost works as expected but not quite.

My virtual domain is fine.  It can both send and receive mail.

My local domain can send mail, but as far as i can tell, is not receiving mail.

note that both are FQDNs

The postfix logs indicate the mail was delivered:

```
Jan  7 16:34:32 thedude postfix/local[15333]: 85E053B0D1: to=<root@localdomain.com>, orig_to=<admin@localdomain.com>, relay=local, delay=0.87, delays=0.62/0.03/0/0.22, dsn=2.0.0, status=sent (delivered to maildir)
```

... but if I grep around for a word from the subject in /home/foo/.maildir/ i cannot locate the file which matches the supposedly delivered mail.  I know the db setting for the maildir is being used, because if I try to move it other things break.

Conversely, if i grep around for a message in /home/vmail/virtdomain.com/foo/.maildir/ i see the messages in Squirrelmail's inbox in ./cur/

So, I cant find the messages, and obviously neither can squirrelmail as its ./cur/ directory is always empty despite postfix's assertion that the mail was delivered to maildir.

my postfix settings are as follows:

```
# postfix -n

postfix: invalid option -- n

postfix: fatal: usage: postfix [-c config_dir] [-Dv] command

thedude home # postconf -n

alias_maps = hash:/usr/local/mailman/data/aliases,      mysql:/etc/postfix/mysql-aliases.cf

broken_sasl_auth_clients = yes

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/lib/postfix

debug_peer_level = 2

default_destination_concurrency_limit = 10

home_mailbox = .maildir/

html_directory = /usr/share/doc/postfix-2.4.5/html

inet_interfaces = all

local_destination_concurrency_limit = 2

local_recipient_maps = mysql:/etc/postfix/mysql-aliases.cf mysql:/etc/postfix/mysql-virtual-maps.cf unix:passwd.byname

local_transport = local

mail_owner = postfix

mailq_path = /usr/bin/mailq

manpage_directory = /usr/share/man

mydestination = thedude, localhost.localdomain, localdomain.com

mydomain = localdomain.com

myhostname = thedude.localdomain.com

mynetworks = 67.18.17.0/24, 127.0.0.0/8

newaliases_path = /usr/bin/newaliases

owner_request_special = no

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix-2.4.5/readme

recipient_delimiter = +

relocated_maps = mysql:/etc/postfix/mysql-relocated.cf

sample_directory = /etc/postfix

sendmail_path = /usr/sbin/sendmail

setgid_group = postdrop

smtp_tls_note_starttls_offer = yes

smtp_use_tls = yes

smtpd_recipient_restrictions = permit_sasl_authenticated,       permit_mynetworks,      reject_unauth_destination

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain =

smtpd_sasl_security_options = noanonymous

smtpd_tls_CAfile = /etc/postfix/cacert.pem

smtpd_tls_cert_file = /etc/postfix/newcert.pem

smtpd_tls_key_file = /etc/postfix/newkey.pem

smtpd_tls_loglevel = 3

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

smtpd_use_tls = yes

tls_random_source = dev:/dev/urandom

unknown_local_recipient_reject_code = 550

virtual_alias_maps = hash:/usr/local/mailman/data/virtual-mailman,      mysql:/etc/postfix/mysql-virtual.cf

virtual_gid_maps = static:1000

virtual_mailbox_base = /

virtual_mailbox_domains = virtdomain.com

virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf

virtual_minimum_uid = 1000

virtual_transport = virtual

virtual_uid_maps = static:1000

```

```
 

# cat /etc/postfix/master.cf

smtp      inet  n       -       n       -       -       smtpd -v

pickup    fifo  n       -       n       60      1       pickup

cleanup   unix  n       -       n       -       0       cleanup

qmgr      fifo  n       -       n       300     1       qmgr

tlsmgr    unix  -       -       n       1000?   1       tlsmgr

rewrite   unix  -       -       n       -       -       trivial-rewrite

bounce    unix  -       -       n       -       0       bounce

defer     unix  -       -       n       -       0       bounce

trace     unix  -       -       n       -       0       bounce

verify    unix  -       -       n       -       1       verify

flush     unix  n       -       n       1000?   0       flush

proxymap  unix  -       -       n       -       -       proxymap

smtp      unix  -       -       n       -       -       smtp

showq     unix  n       -       n       -       -       showq

error     unix  -       -       n       -       -       error

retry     unix  -       -       n       -       -       error

discard   unix  -       -       n       -       -       discard

local     unix  -       n       n       -       -       local -v

virtual   unix  -       n       n       -       -       virtual

lmtp      unix  -       -       n       -       -       lmtp

anvil     unix  -       -       n       -       1       anvil

scache    unix  -       -       n       -       1       scache

```

```
# mysql -u root -p

Enter password:

Welcome to the MySQL monitor.  Commands end with ; or \g.

Your MySQL connection id is 2560

Server version: 5.0.44-log Gentoo Linux mysql-5.0.44

Type 'help;' or '\h' for help. Type '\c' to clear the buffer.

mysql> use mailsql;

Reading table information for completion of table and column names

You can turn off this feature to get a quicker startup with -A

Database changed

mysql> show tables;

+-------------------+

| Tables_in_mailsql |

+-------------------+

| alias             |

| relocated         |

| transport         |

| users             |

| virtual           |

+-------------------+

5 rows in set (0.00 sec)

mysql> select * from alias;

+----+------------+------------------------+

| id | alias      | destination            |

+----+------------+------------------------+

|  1 | admin      | root@localdomain.com       |

|  2 | postmaster | postmaster@localdomain.com |

+----+------------+------------------------+

2 rows in set (0.02 sec)

mysql> select * from relocated;

Empty set (0.00 sec)

mysql> select * from transport;

+----+-------------+-------------+

| id | domain      | destination |

+----+-------------+-------------+

|  1 | localdomain.com | local:      |

|  2 | virtdomain.com | virtual:    |

+----+-------------+-------------+

2 rows in set (0.15 sec)

mysql> select * from users;

+----+--------------------+----------+-------------------+------+------+-------------+------------------------------------------+-------+---------+

| id | email              | clear    | name              | uid  | gid  | homedir     | maildir                                  | quota | postfix |

+----+--------------------+----------+-------------------+------+------+-------------+------------------------------------------+-------+---------+

|  1 | admin@localdomain.com  | secret | Foo Q. Public    | 1001 | 1001 | /home/foo | /home/foo/.maildir/                    |       | y       |

|  2 | damian@virtdomain | secret | Damian Smith | 1000 | 1000 | /home/vmail | /home/vmail/virtdomain.com/damian/.maildir/ |       | y       |

+----+--------------------+----------+-------------------+------+------+-------------+------------------------------------------+-------+---------+

2 rows in set (0.01 sec)

mysql> select * from virtual;

Empty set (0.00 sec)

mysql> quit

Bye

```

Here are 100 or so lines of log that correspond to the local domain which cannot receive but can send attempting to send itself a message:

```

# cat /tmp/postfix_troubles.txt

Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: flags

Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: flags

Jan  7 18:02:51 thedude postfix/local[15580]: input attribute value: 0

Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: address

Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: address

Jan  7 18:02:51 thedude postfix/local[15580]: input attribute value: root@localdomain.com

Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: (list terminator)

Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: (end)

Jan  7 18:02:51 thedude postfix/local[15580]: rewrite_clnt: local: root@localdomain.com -> root@localdomain.com

Jan  7 18:02:51 thedude postfix/local[15580]: tok822_rewrite: result: root@localdomain.com

Jan  7 18:02:51 thedude postfix/local[15580]: send attr request = resolve

Jan  7 18:02:51 thedude postfix/local[15580]: send attr sender =

Jan  7 18:02:51 thedude postfix/local[15580]: send attr address = root@localdomain.com

Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: flags

Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: flags

Jan  7 18:02:51 thedude postfix/local[15580]: input attribute value: 0

Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: transport

Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: transport

Jan  7 18:02:51 thedude postfix/local[15580]: input attribute value: local

Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: nexthop

Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: nexthop

Jan  7 18:02:51 thedude postfix/local[15580]: input attribute value: localdomain.com

Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: recipient

Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: recipient

Jan  7 18:02:51 thedude postfix/local[15580]: input attribute value: root@localdomain.com

Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: flags

Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: flags

Jan  7 18:02:51 thedude postfix/local[15580]: input attribute value: 256

Jan  7 18:02:51 thedude postfix/local[15580]: private/rewrite socket: wanted attribute: (list terminator)

Jan  7 18:02:51 thedude postfix/local[15580]: input attribute name: (end)

Jan  7 18:02:51 thedude postfix/local[15580]: resolve_clnt: `' -> `root@localdomain.com' -> transp=`local' host=`localdomain.com' rcpt=`root@localdomain.com' flags= class=local

Jan  7 18:02:51 thedude postfix/local[15580]: tok822_resolve: from= addr=root@localdomain.com -> chan=local, host=localdomain.com, rcpt=root@localdomain.com

Jan  7 18:02:51 thedude postfix/local[15580]: deliver_recipient[5]: local admin recip root@localdomain.com exten  deliver admin@localdomain.com exp_from admin

Jan  7 18:02:51 thedude postfix/local[15580]: been_here: recipient 5 root@localdomain.com: 0

Jan  7 18:02:51 thedude postfix/local[15580]: level: 0

Jan  7 18:02:51 thedude postfix/local[15580]: path: active/DC71E3B0D1

Jan  7 18:02:51 thedude postfix/local[15580]: fp: 0x808db10

Jan  7 18:02:51 thedude postfix/local[15580]: queue_name: active

Jan  7 18:02:51 thedude postfix/local[15580]: queue_id: DC71E3B0D1

Jan  7 18:02:51 thedude postfix/local[15580]: offset: 561

Jan  7 18:02:51 thedude postfix/local[15580]: sender: admin@localdomain.com

Jan  7 18:02:51 thedude postfix/local[15580]: recipient: root@localdomain.com

Jan  7 18:02:51 thedude postfix/local[15580]: domain: localdomain.com

Jan  7 18:02:51 thedude postfix/local[15580]: local: root

Jan  7 18:02:51 thedude postfix/local[15580]: user: root

Jan  7 18:02:51 thedude postfix/local[15580]: extension: null

Jan  7 18:02:51 thedude postfix/local[15580]: unmatched: null

Jan  7 18:02:51 thedude postfix/local[15580]: owner: null

Jan  7 18:02:51 thedude postfix/local[15580]: delivered: admin@localdomain.com

Jan  7 18:02:51 thedude postfix/local[15580]: relay: local

Jan  7 18:02:51 thedude postfix/local[15580]: exp_type: 1

Jan  7 18:02:51 thedude postfix/local[15580]: exp_from: admin

Jan  7 18:02:51 thedude postfix/local[15580]: why: buffer

Jan  7 18:02:51 thedude postfix/local[15580]: deliver_switch[6]: local root recip root@localdomain.com exten  deliver admin@localdomain.com exp_from admin

Jan  7 18:02:51 thedude postfix/local[15580]: deliver_alias[7]: local root recip root@localdomain.com exten  deliver admin@localdomain.com exp_from admin

Jan  7 18:02:51 thedude postfix/local[15580]: deliver_alias: hash:/usr/local/mailman/data/aliases(0,lock|no_regsub|no_proxy|no_unauth|fold_fix): root not found

Jan  7 18:02:51 thedude postfix/local[15580]: dict_mysql_get_active: found active connection to host unix:/var/run/mysqld/mysqld.sock

Jan  7 18:02:51 thedude postfix/local[15580]: dict_mysql: successful query from host unix:/var/run/mysqld/mysqld.sock

Jan  7 18:02:51 thedude postfix/local[15580]: dict_mysql_lookup: retrieved 0 rows

Jan  7 18:02:51 thedude postfix/local[15580]: deliver_alias: mysql:/etc/postfix/mysql-aliases.cf(0,lock|no_regsub|no_proxy|no_unauth|fold_fix): root not found

Jan  7 18:02:51 thedude postfix/local[15580]: deliver_dotforward[7]: local root recip root@localdomain.com exten  deliver admin@localdomain.com exp_from admin

Jan  7 18:02:51 thedude postfix/local[15580]: deliver_dotforward[7]: set user_attr: root

Jan  7 18:02:51 thedude postfix/local[15580]: set_eugid: euid 0 egid 0

Jan  7 18:02:51 thedude postfix/local[15580]: set_eugid: euid 207 egid 207

Jan  7 18:02:51 thedude postfix/local[15580]: deliver_dotforward: path /root/.forward expand_status 0 look_status -1

Jan  7 18:02:51 thedude postfix/local[15580]: deliver_mailbox[7]: local root recip root@localdomain.com exten  deliver admin@localdomain.com exp_from admin

Jan  7 18:02:51 thedude postfix/local[15580]: been_here: mailbox root: 0

Jan  7 18:02:51 thedude postfix/local[15580]: deliver_mailbox[7]: set user_attr: root

Jan  7 18:02:51 thedude postfix/local[15580]: deliver_maildir[8]: local root recip root@localdomain.com exten  deliver admin@localdomain.com exp_from admin

Jan  7 18:02:51 thedude postfix/local[15580]: set_eugid: euid 0 egid 0

Jan  7 18:02:52 thedude postfix/local[15580]: set_eugid: euid 207 egid 207

Jan  7 18:02:52 thedude postfix/local[15580]: DC71E3B0D1: to=<root@localdomain.com>, orig_to=<admin@localdomain.com>, relay=local, delay=0.17, delays=0.06/0.01/0/0.09, dsn=2.0.0, status=sent (delivered to maildir)

Jan  7 18:02:52 thedude postfix/local[15580]: deliver_request_final: send: "" 0

Jan  7 18:02:52 thedude postfix/local[15580]: send attr status =

Jan  7 18:02:52 thedude postfix/local[15580]: send attr diag_type =

Jan  7 18:02:52 thedude postfix/local[15580]: send attr diag_text =

Jan  7 18:02:52 thedude postfix/local[15580]: send attr mta_type =

Jan  7 18:02:52 thedude postfix/local[15580]: send attr mta_mname =

Jan  7 18:02:52 thedude postfix/local[15580]: send attr action =

Jan  7 18:02:52 thedude postfix/local[15580]: send attr reason =

Jan  7 18:02:52 thedude postfix/local[15580]: send attr status = 0

Jan  7 18:02:52 thedude postfix/qmgr[15568]: DC71E3B0D1: removed

Jan  7 18:02:52 thedude postfix/local[15580]: master_notify: status 1

Jan  7 18:02:52 thedude postfix/local[15580]: connection closed

Jan  7 18:02:52 thedude imapd: LOGOUT, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], headers=0, body=0, time=1

Jan  7 18:02:52 thedude imapd: Connection, ip=[::ffff:67.18.17.245]

Jan  7 18:02:52 thedude imapd: LOGIN, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], protocol=IMAP

Jan  7 18:02:52 thedude imapd: LOGOUT, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], headers=0, body=0, time=0

Jan  7 18:02:56 thedude postfix/local[15580]: rewrite stream disconnect

Jan  7 18:02:56 thedude imapd: Connection, ip=[::ffff:67.18.17.245]

Jan  7 18:02:56 thedude imapd: LOGIN, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], protocol=IMAP

Jan  7 18:02:56 thedude imapd: LOGOUT, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], headers=0, body=0, time=0

Jan  7 18:02:56 thedude imapd: Connection, ip=[::ffff:67.18.17.245]

Jan  7 18:02:56 thedude imapd: LOGIN, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], protocol=IMAP

Jan  7 18:02:56 thedude imapd: LOGOUT, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], headers=0, body=0, time=0

Jan  7 18:02:56 thedude imapd: Connection, ip=[::ffff:67.18.17.245]

Jan  7 18:02:56 thedude imapd: LOGIN, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], protocol=IMAP

Jan  7 18:02:56 thedude imapd: LOGOUT, user=admin@localdomain.com, ip=[::ffff:67.18.17.245], headers=0, body=0, time=0

Jan  7 18:02:56 thedude postfix/smtpd[15569]: auto_clnt_close: disconnect private/tlsmgr stream

Jan  7 18:02:56 thedude postfix/smtpd[15569]: rewrite stream disconnect

```

As a side not, a line code listing 10.9 reads as follows:

```
local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname
```

I think this would be more clear if it read:

```
local_recipient_maps = mysql:/$alias_maps mysql:/$virtual_mailbox_maps unix:passwd.byname
```

...  you can imagine what mistake i made.

Also, the troubleshooting section makes references to /var/log/mail.

At least as of 2007.0 they are no longer there.Last edited by FuriousGeorge on Tue Jan 08, 2008 8:10 pm; edited 1 time in total

----------

## kashani

Why are you setting a domain to local: transport and then trying to force all the lookups through the db? While certainly possible after a fashion it tends to make things complicated and is ugly to troubleshoot. 

In the past I have set the local domain to local: and then postfix will use the regular system accounts for lookups without having to do anything else. That seems to be the behavior you want unless I'm missing something.

kashani

----------

## FuriousGeorge

 *kashani wrote:*   

> Why are you setting a domain to local: transport and then trying to force all the lookups through the db? While certainly possible after a fashion it tends to make things complicated and is ugly to troubleshoot. 

 

Interesting you should mention this because my buddies in #postfix pointed out the same thing (at least it sounded the same to my inexperienced ear).  My response was that I'm following the official gentoo howto, and I dont know how else to do it.  

I guess you are also saying that you disagree with the HowTo, because I didnt deviate from that as far as i can tell.

 *Quote:*   

> 
> 
> In the past I have set the local domain to local: and then postfix will use the regular system accounts for lookups without having to do anything else. That seems to be the behavior you want unless I'm missing something.
> 
> kashani

 

Set them to local where?  somewhere in main.cf?  i do, in fact want that, especially if it makes it easier.

We must be talking about this line in main.cf:

```
local_recipient_maps = mysql:/etc/postfix/mysql-aliases.cf mysql:/etc/postfix/mysql-virtual-maps.cf unix:passwd.byname
```

Currently, I think the settings we are talking about are set in the 'transport' table of my db.  Should that instead go in some directive in min.cf?

I'm gonna keep looking into it and see if I can't update with some progress or a solution.

----------

## kashani

Wow, it looks like the Gentoo How-to has become even more retarded that it was before. I didn't realize that and I'll try to un-fsck your config into something that'll work. However I highly recommend scrapping they whole thing in favor of PostfixAdmin which is a far better system and easier to admin with it's PHP web interface.

I"m not fully up to speed on the Gentoo How-to these days, but the following should work. You need to have these lines in you main.cf.

```

mydestination = thedude, localhost.localdomain, localdomain.com

virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-aliases.cf 

virtual_gid_maps = static:1000

virtual_mailbox_base = /var/vmail/

virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual.cf

virtual_mailbox_limit = 112400000

virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual-maps.cf

virtual_minimum_uid = 1000

virtual_transport = virtual

virtual_uid_maps = static:1000

```

Remove the alias_maps line, the Postfix internal default is fine. Same with local_transport and local_recipient_maps. No one used relocated_maps either so you can drop that as well. 

Couple of notes on this. The proxy:mysql: statement allows Postfix to use the same Mysql connection so if someone mail bombs your mail server Postfix will not open 400 connections to your db and slow everything to a halt. Otherwise it is functionally the same as just using mysql: as the Gentoo How-to shows. I dropped all the mailman stuff since I know all of one user who uses it across virtual domains. If you want to use it with one domain I recommend making that domain local and doing it through normal aliases. Lastly since we are deleting the alias_maps you'll need to make sure that any aliases for your local domain is specified in /etc/mail/aliases and then run newaliases. 

If you're interested in PostfixAdmin my main.cf changes are online at http://badapple.net/main-cf.txt and I'd be more than happy to answer any questions about my setup.

kashani

----------

## FuriousGeorge

 *kashani wrote:*   

> Wow, it looks like the Gentoo How-to has become even more retarded that it was before. I didn't realize that and I'll try to un-fsck your config into something that'll work. However I highly recommend scrapping they whole thing in favor of PostfixAdmin which is a far better system and easier to admin with it's PHP web interface.

 

I believe the howtwo sets things up for Postfix Admin because it had me install it.  I assume once the mail is working, basic administrative tasks will be handled by Postfix Admin.

 *Quote:*   

> 
> 
> I"m not fully up to speed on the Gentoo How-to these days, but the following should work. You need to have these lines in you main.cf.
> 
> ```
> ...

 

I made the changes as per your specifications.

```

stfix-script: refreshing the Postfix mail system

thedude ~ # postconf -n

alias_maps = hash:/usr/local/mailman/data/aliases,      mysql:/etc/postfix/mysql-aliases.cf

broken_sasl_auth_clients = yes

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/lib/postfix

debug_peer_level = 2

default_destination_concurrency_limit = 10

home_mailbox = .maildir/

html_directory = /usr/share/doc/postfix-2.4.5/html

inet_interfaces = all

local_destination_concurrency_limit = 2

mail_owner = postfix

mailq_path = /usr/bin/mailq

manpage_directory = /usr/share/man

mydestination = thedude, localhost.localdomain, localdomain.com

mydomain = localhomain.com

myhostname = thedude.localdomain.com

mynetworks = 67.18.17.0/24, 127.0.0.0/8

newaliases_path = /usr/bin/newaliases

owner_request_special = no

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix-2.4.5/readme

recipient_delimiter = +

relocated_maps = mysql:/etc/postfix/mysql-relocated.cf

sample_directory = /etc/postfix

sendmail_path = /usr/sbin/sendmail

setgid_group = postdrop

smtp_tls_note_starttls_offer = yes

smtp_use_tls = yes

smtpd_recipient_restrictions = permit_sasl_authenticated,       permit_mynetworks,      reject_unauth_destination

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain =

smtpd_sasl_security_options = noanonymous

smtpd_tls_CAfile = /etc/postfix/cacert.pem

smtpd_tls_cert_file = /etc/postfix/newcert.pem

smtpd_tls_key_file = /etc/postfix/newkey.pem

smtpd_tls_loglevel = 3

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

smtpd_use_tls = yes

tls_random_source = dev:/dev/urandom

unknown_local_recipient_reject_code = 550

virtual_alias_maps = hash:/usr/local/mailman/data/virtual-mailman,      mysql:/etc/postfix/mysql-virtual.cf

virtual_gid_maps = static:1000

virtual_mailbox_base = /var/vmail

virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual.cf

virtual_mailbox_limit = 112400000

virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual-maps.cf

virtual_minimum_uid = 1000

virtual_transport = virtual

virtual_uid_maps = static:1000

```

...and thats what main.cf looks like now.

The results are as follows:

my virtual domain, which was previously working fine afaik, was now kicking back messages sent to its users with the dreaded 'relay access denied'.  

i set virtual_mailbox_domains back to 'my_virtual_domain.com' and that got rid of the 'relay access denied' errors;  and setting virtual_mailbox_base back to '/' from '/var/vmail/' stopped postfix from attempting to deliver mail to /var/vmail/home/vmail/my_virtual_domain. com/mailbox/.maildir.  

I am once again receiving mail at the virtual domain.

I also see something is still invoking the alias maps directive despite the fact that i have commented out 'alias_maps = blah' in main.cf.  I'll work on regaining control of that value now.

On the local transport, much like before, mail is reported as delivered, but no such mail is seen in squirrelmail or by grep-ing around in the maildir.  Conversely, I can find mail just by grep-ing around in the virtual maildir.

The logs look identical to me as before:

```

Jan  7 20:02:21 thedude postfix/local[15949]: 98BE33B0D1: to=<root@localdomain.com>, orig_to=<admin@localdomain.com>, relay=local, delay=0.3, delays=0.19/0.05/0/0.06, dsn=2.0.0, status=sent (delivered to maildir)

/home/foo/.maildir/ # grep -R test ./

./.Sent/cur/1199676190.M253900P12756V000000000000CA00I0003D0D7_0.thedude.localdomain.com,S=539:2,S:Subject: another test message

(all messages here are the ones ive sent from squirrelmail)

/home/vmail/ # grep -R test ./

./virtdomain.com/damian/.maildir/cur/1199684402.Vca00I3d0f3M664602.thedude.localdomain.com:2,:Subject: test message from gmail to domains

(otoh, here you clearly see messages in the /cur/ directory which are in fact in my INBOX)

```

I appreciate all your help so far, but it still appears as if local mail is being sent to some unknown place.

UPDATE

I also wanted to make sure I didnt overcomplicate the issue by complicating matters:

I have 2 fqdn.  

One is set up as virtual, and one is set up as local.

Both can send mail.

The virtual domain receives mail as well.

the local domain does not get mail in the ./cur/ directory of its .maildir, like the other domain.  That's the only problem, afaik.

It seems to me like postfix is 'losing' the mail.  I say that because the logs indicate the mail is delivered to the maildir, but nor I nor squirrelmail nor anyone I've spoken with can find it.  I have no reason to believe the maildir setting is being ignored by the db.  for instance, if i change that value in the db i will see in the log 'permission denied' for other folders that vmail user doesnt have perms for.

I have a thought.  Since postfix is supposed to do a lookup by unix user for delivering mail on the local transport, could it be that it is having trouble delivering to the root account in the /home/foo/ directory?  could that be confusing it or something?

----------

## kashani

Nah the Gentoo How-to and PostfixAdmin use different db schemas so you can not use them in conjunction with each other. It did have you install phpmyadmin which does help with the administration, but it's nowhere near as nice as PostfixAdmin.

So four things to do here. 

1. DELETE alias_maps from your main.cf. It is completely wrong and you do not need it. Remember to put any local aliases into /etc/mail/aliases and run newaliases

2. virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-transport.cf

I made a mistake and put the wrong query file on this one. Make sure it looks like the above. This is an improvement over the Gentoo How-to in that Postfix can start delivery to new domains as soon as you add them into the db. In the Gentoo How-to you need to add each domain manually and then restart Postfix for it to take affect. 

3. virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual.cf

Again my fault though it would be nice if the file had a more descriptive name. 

4. unknown_local_recipient_reject_code = 450

450 is a temporary error and won't bounce email. It's a good idea to set this to 450 from 550 while you're building a mail servers. However you do need to change it back one you're done as well as remove the -v from smtpd in your master.cf. 

Unless I did something wrong (again) the above should work.

kashani

----------

## kashani

Ah yeah the /var/vmail/ thing is probably a PostfixAdmin thing ... I really need to build a Gentoo How-to mail server some where so I can reference it at times like this. Setting that back to / is probably the rioght thing since it works.  :Smile: 

In regards to .maildir/cur Squirrelmail is taking the mail from .maildir/new/ and putting it in .maildir/cur/ via the IMAP daemon. Postfix will always always delivery to new. If you log in as the local user via Squirelmail then you shoudl see the mail or grep in the ./new/ folder.

kashani

----------

## FuriousGeorge

 *kashani wrote:*   

> 
> 
> In regards to .maildir/cur Squirrelmail is taking the mail from .maildir/new/ and putting it in .maildir/cur/ via the IMAP daemon. Postfix will always always delivery to new. 

 

You are right about that when it comes to my virtual domain.  Its plain to see where the mail is going when i send to and from my_virtual_domain.com.

```

/ # ls -la /home/vmail/my_virtual_domain.com/damian/.maildir/new/

total 5

drwx------ 2 vmail vmail 1024 Jan  7 20:58 .

drwx------ 9 vmail vmail 1024 Jan  7 00:40 ..

-rw------- 1 vmail vmail 2176 Jan  7 20:58 1199757481.Vca00I3d115M288472.thedude.my_local_domain.com

/ # ls -la /home/vmail/my_virtual_domain.com/damian/.maildir/cur/

total 21

drwx------ 2 vmail vmail 1024 Jan  7 20:54 .

drwx------ 9 vmail vmail 1024 Jan  7 00:40 ..

-rw------- 1 vmail vmail 2702 Jan  7 00:40 1199684402.Vca00I3d0efM658329.thedude.my_local_domain.com:2,

-rw------- 1 vmail vmail 2182 Jan  7 00:40 1199684402.Vca00I3d0f3M664602.thedude.my_local_domain.com:2,

-rw------- 1 vmail vmail 2146 Jan  7 00:40 1199684402.Vca00I3d0f7M665965.thedude.my_local_domain.com:2,

-rw------- 1 vmail vmail 2431 Jan  7 00:41 1199684486.Vca00I3d101M905700.thedude.my_local_domain.com:2,S

-rw------- 1 vmail vmail 2222 Jan  7 00:43 1199684610.Vca00I3d10dM977064.thedude.my_local_domain.com:2,S

-rw------- 1 vmail vmail  833 Jan  7 00:50 1199685002.Vca00I3d0d8M300831.thedude.my_local_domain.com:2,

-rw------- 1 vmail vmail 2129 Jan  7 20:54 1199757256.Vca00I3d11cM258685.thedude.my_local_domain.com:2,

/ # ls -la /home/vmail/my_virtual_domain.com/damian/.maildir/.Sent/cur/

total 4

drwx------ 2 vmail vmail 1024 Jan  7 19:57 .

drwx------ 6 vmail vmail 1024 Jan  7 19:56 ..

-rw-r--r-- 1 vmail vmail  535 Jan  7 19:56 1199753790.M49219P15869V000000000000CA00I0003D119_0.thedude.my_local_domain.com,S=535:2,S

-rw-r--r-- 1 vmail vmail  576 Jan  7 19:57 1199753875.M305226P15902V000000000000CA00I0003D11A_0.thedude.my_local_domain.com,S=576:2,S

/ # ls -la /home/vmail/my_virtual_domain.com/damian/.maildir/.Sent/new

total 2

drwx------ 2 vmail vmail 1024 Jan  7 00:40 .

drwx------ 6 vmail vmail 1024 Jan  7 19:56 ..

```

 *Quote:*   

>  If you log in as the local user via Squirelmail then you shoudl see the mail or grep in the ./new/ folder

 

I must disagree with you there when it comes to my local domain.  It is just as plain to see that mail isnt making it into the LOCAL domain user's .maildir

For instance, in squirrelmail, the INBOX is empty.

Also, i can't 'ls' and find any mail in the local domain's maildir

```

/ # ls -la /home/foo/.maildir/cur/

total 2

drwxr--r-- 2 foo foo 1024 Dec 28 00:40 .

drwxr--r-- 9 foo foo 1024 Jan  7 16:38 ..

/ # ls -la /home/foo/.maildir/new/

total 2

drwxr--r-- 2 foo foo 1024 Dec 28 00:40 .

drwxr--r-- 9 foo foo 1024 Jan  7 16:38 ..

```

however, if you look in the sent directory you see plenty of mail i have sent from there:

```

# ls -la /home/foo/.maildir/.Sent/cur/

total 9

drwx------ 2 foo foo 1024 Jan  7 19:55 .

drwx------ 6 foo foo 1024 Jan  6 21:54 ..

-rw-r--r-- 1 foo foo  539 Jan  6 22:23 1199676190.M253900P12756V000000000000CA00I0003D0D7_0.thedude.localdomain.com,S=539:2,S etc., etc, etc

```

UPDATE

changing user/group to 'vmail' from 'foo' as per my virtual domain doesnt help, and in fact spits out to the log:

```
 Jan  7 22:11:46 thedude imapd: chdir /home/foo/.maildir/: Permission denied
```

So we know imapd is looking in the right place, and i still have plenty of proof my maildir setting in the db isnt being ignored either, so where are the messages going when postfix declares 'Delivered to maildir'

----------

## FuriousGeorge

UPDATE:  I noticed this response of yours after my last response

 *kashani wrote:*   

> Nah the Gentoo How-to and PostfixAdmin use different db schemas so you can not use them in conjunction with each other. It did have you install phpmyadmin which does help with the administration, but it's nowhere near as nice as PostfixAdmin.
> 
> So four things to do here. 
> 
> 1. DELETE alias_maps from your main.cf. It is completely wrong and you do not need it. Remember to put any local aliases into /etc/mail/aliases and run newaliases
> ...

 

Found the offending block and eliminated it

```

#commented out as per forum suggestion

#alias_maps     =

#       hash:/usr/local/mailman/data/aliases,

#       mysql:/etc/postfix/mysql-aliases.cf

```

 *Quote:*   

> 
> 
> 2. virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-transport.cf
> 
> I made a mistake and put the wrong query file on this one. Make sure it looks like the above. This is an improvement over the Gentoo How-to in that Postfix can start delivery to new domains as soon as you add them into the db. In the Gentoo How-to you need to add each domain manually and then restart Postfix for it to take affect. 
> ...

 

I get a different error now:

```

thedude postfix/smtpd[17245]: NOQUEUE: reject: RCPT from an-out-0708.google.com[209.85.132.249]: 450 4.1.1 <admin@localdomain.com>: Recipient address rejected: User unknown in local recipient table; from=<brian@gmail.com> to=<admin@localdomain.com> proto=ESMTP helo=<an-out-0708.google.com>

```

I'm confused as to how its going to know about the admin->root alias if i am no longer pointing any postfix directive alias.cf.  I assumed thats what /etc/mail/aliases was fot, but i guess not (it is complaining about a table...).  So I tried a few settings in main.cf on my own to no avail

```

### removed as per forum recommendation local_recipient_maps = mysql:/etc/postfix/mysql-aliases.cf mysql:/etc/postfix/mysql-virtua$

#local_recipient_maps = unix:passwd.byname mysql:/etc/postfix/mysql-aliases.cf

#local_recipient_maps = unix:passwd.byname

#local_recipient_maps =
```

also tried messing with my alias table a bit with the local_recipient_maps setting

I'm not sure if this is progress, but its nice to have some change, anyway.  I'm gonna keep messing with stuff, if something works out ill post it.  Let me know if you get any ideas.

POSTFIX Settings

```

# postconf -n

broken_sasl_auth_clients = yes

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/lib/postfix

debug_peer_level = 2

default_destination_concurrency_limit = 10

home_mailbox = .maildir/

html_directory = /usr/share/doc/postfix-2.4.5/html

inet_interfaces = all

local_destination_concurrency_limit = 2

mail_owner = postfix

mailq_path = /usr/bin/mailq

manpage_directory = /usr/share/man

mydestination = thedude, localhost.localdomain, localdomain.com

mydomain = localdomain.com

myhostname = thedude.localdomain.com

mynetworks = 67.18.17.0/24, 127.0.0.0/8

newaliases_path = /usr/bin/newaliases

owner_request_special = no

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix-2.4.5/readme

recipient_delimiter = +

relocated_maps = mysql:/etc/postfix/mysql-relocated.cf

sample_directory = /etc/postfix

sendmail_path = /usr/sbin/sendmail

setgid_group = postdrop

smtp_tls_note_starttls_offer = yes

smtp_use_tls = yes

smtpd_recipient_restrictions = permit_sasl_authenticated,       permit_mynetworks,      reject_unauth_destination

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain =

smtpd_sasl_security_options = noanonymous

smtpd_tls_CAfile = /etc/postfix/cacert.pem

smtpd_tls_cert_file = /etc/postfix/newcert.pem

smtpd_tls_key_file = /etc/postfix/newkey.pem

smtpd_tls_loglevel = 3

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

smtpd_use_tls = yes

tls_random_source = dev:/dev/urandom

unknown_local_recipient_reject_code = 450

virtual_alias_maps = hash:/usr/local/mailman/data/virtual-mailman,      mysql:/etc/postfix/mysql-virtual.cf

virtual_gid_maps = static:1000

virtual_mailbox_base = /

virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-transport.cf

virtual_mailbox_limit = 112400000

virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual-maps.cf

virtual_minimum_uid = 1000

virtual_transport = virtual

virtual_uid_maps = static:1000

```

/etc/mail/aliases

```

# cat /etc/mail/aliases

# Basic system aliases -- these MUST be present.

MAILER-DAEMON:      postmaster

postmaster:         root

# General redirections for pseudo accounts.

adm:                root

bin:                root

daemon:             root

exim:               root

lp:                 root

mail:               root

named:              root

nobody:             root

postfix:            root

# Well-known aliases -- these should be filled in!

root:admin@localdomain.com

operator:brian@localdomain.com

# Standard RFC2142 aliases

abuse:              postmaster

ftp:                root

hostmaster:         root

news:               usenet

noc:                root

security:           root

usenet:             root

uucp:               root

webmaster:          root

www:                webmaster

# trap decode to catch security attacks

# decode:           /dev/null

```

----------

## FuriousGeorge

After changing the settings as per your suggestions, I got a little help from IRC, and we solved the problem.

As I noticed before, no where were we pointing main.cf to the map for the alias table in my db, so I did so with the alias_maps directive.  There may have been another way, but by adding an alias of 'admin' to 'root' in the alias table then solved the problem.

It seems that after all it was my alias, which was a minor deviation for the howto, was the culprit.

Mea maxima culpa.

Now, onto the spam filtering howto  :Smile: 

----------

## kashani

Virtual mail is always a bit of a bear to get right the first time. I think I finally felt comfortable with it after my third rebuild. Glad you got it worked out.

kashani

----------

