# Postfix & Virtual Mail: catchall for unknown users

## alexandero

I'm having troubles with the virtual mail setup (as described in the docs). I want all mail for recipients that cannot be found in the users or virtual mysql table to end up in office@mydomain.com - but as soon as I add @mydomain.com  ->  office@mydomain.com to my virtual table, all mail is redirected there, ignoring all other users:

mail.log when sending mail from alex@mydomain.com to alex@mydomain.com:

```

Feb  3 12:37:18 dmz postfix/qmgr[2046]: 6C9AB1FEF2A: from=<alex@mydomain.com>, size=626, nrcpt=1 (queue active)

Feb  3 12:37:19 dmz spamd[31005]: connection from localhost [127.0.0.1] at port 34590 

Feb  3 12:37:19 dmz spamd[14211]: info: setuid to filter succeeded 

Feb  3 12:37:21 dmz spamd[14211]: processing message <50B6FB5F-563D-11D8-B828-000393488DFA@mydomain.com> for filter:2001. 

Feb  3 12:37:27 dmz spamd[14211]: clean message (0.0/4.0) for filter:2001 in 8.3 seconds, 652 bytes. 

Feb  3 12:37:27 dmz postfix/pickup[14169]: EBC9B1FEF2D: uid=2001 from=<alex@mydomain.com>

Feb  3 12:37:27 dmz postfix/cleanup[14200]: EBC9B1FEF2D: message-id=<50B6FB5F-563D-11D8-B828-000393488DFA@mydomain.com>

Feb  3 12:37:27 dmz postfix/pipe[14206]: 6C9AB1FEF2A: to=<office@mydomain.com>, orig_to=<alex@mydomain.com>, relay=filter, delay=9, status=sent (mail.mydomain.com)

Feb  3 12:37:28 dmz postfix/qmgr[2046]: EBC9B1FEF2D: from=<alex@mydomain.com>, size=940, nrcpt=1 (queue active)

Feb  3 12:37:28 dmz postfix/virtual[14215]: EBC9B1FEF2D: to=<office@mydomain.com>, relay=virtual, delay=1, status=sent (maildir)

```

virtual table:

```

 +----+----------------------------+----------------------------+ 

 | id | email                      | destination                | 

 +----+----------------------------+----------------------------+ 

 |  1 | virtualuser1@mydomain.com  | virtualuser1@mydomain.com  | 

 |  2 | @mydomain.com              | office@mydomain.com        | 

 +----+----------------------------+----------------------------+ 

```

users table:

```

+----+---------------------------+-------+--------------+------+-----+----------------------------------------+-------------------------------------------------+-------+---------+

| id | email                     | clear | name         | uid  | gid | homedir                                | maildir                                         | quota | postfix |

+----+---------------------------+-------+--------------+------+-----+----------------------------------------+-------------------------------------------------+-------+---------+

|  4 | alex@mydomain.com         | pw    | alex         | 1003 | 100 | /home/vmail/mydomain.com/alex/         | /home/vmail/mydomain.com/alex/.maildir/         |       | y       |

|  5 | office@mydomain.com       | pw    | office       | 1003 | 100 | /home/vmail/mydomain.com/office/       | /home/vmail/mydomain.com/office/.maildir/       |       | y       |

+----+---------------------------+-------+--------------+------+-----+----------------------------------------+-------------------------------------------------+-------+---------+

```

Any ideas? I'm pretty lost. Thanks.

----------

## Dr_Stein

you'll need

office@mydomain.com     office@mydomain.com

Each user will need a "one - to - one" mapping 

Sounds kind of strange, but it works.  :Smile: 

----------

## alexandero

This might have been a misunderstanding... what I want (and imho is a rather common feature) is to deliver all mail that has no 'real world' recipient (webmaster, postmaster, info,....) to one mailbox.

It would additionally help whenever I delete a real world user (e.g. because he is not working here anymore) his mails dont get rejected but are still recieved.

Ive seen exactly this entry in the virtual table here in the forums, but it doesn't work as it should.

----------

## Oopsz

The other guy didn't explain it well i guess..

in your virtual table, you need these entries:

@mydomain.com  office@mydomain.com

alex@mydomain.com alex@mydomain.com

because it checks the virtual table before the user table, if you don't have a mapping for the real users, it dumps it to the catchall account.  its the same way if you use hashed aliases (genaliases) with postfix.

----------

## alexandero

In other words have the catchall entry with the lowest id in the virtual table? Does postfix scan them ordered by id?

LATER:

no, doesnt work. I now have the @mydomain.com entry in virtual with id=1, but still every mail (no matter if to an address listed in virtual table or to an address in the users table) ends up in the catchall account.

So it must have another reason. I just dont know where to look, and as it took me days until I had a working configuration (with only this small problem) I dont really dare to start experiments again.

----------

## Oopsz

the id= doesn't matter.  It doesn't scan the table, it uses a mysql select!  

There just has to be a virtual entry IN ADDITION TO a user entry for delivery to accounts on a domain with a catchall.  this is from one of my virtual domains, assassins.ca:

virtual table:

```

            29   TheDirector@assassins.ca   TheDirector@sympatico.ca   

            31   m@assassins.ca   m@assassins.ca   

            32   kill@assassins.ca   kill@assassins.ca   

            34   @assassins.ca   catchall@assassins.ca   

            35   oopsz@assassins.ca   oopsz@tripadelic.com
```

users table:

```

11   m@assassins.ca   <removed>   M   1004   1004   /home/vmail/   /home/vmail/assassins.ca/m/.maildir/       y   

12   kill@assassins.ca   <removed>   kill reports   1004   1004   /home/vmail/   /home/vmail/assassins.ca/kill/.maildir/       y   

14   catchall@assassins.ca   <removed>   catchall account   1004   1004   /home/vmail/   /home/vmail/assassins.ca/catchall/.maildir/       y
```

and its working great..

----------

## kashani

alexandro,

What you've got is the exact same config I've been using and no problems. You're exactly right on the mysql select stuff. I'm wondering if you've got a typo somewhere in your config. Check your tables and make sure it's all correct. The thing to do might be to pull the @ catchall and see if alex can get mail at all. Then slowly add things back into your config until you can figure out where the problems are. 

kashani

----------

## alexandero

Kashani, Oopsz, thanks for the replies. As my users- and virtual-table is correct (for each user firstname.lastname@mydomain in users and firstname@mydomain in virtual, plus office@mydomain in users and @mydomain in virtual), its probably a setup problem.

As soon as I delete the @mydomain office@mydomain entry in virtual table everything works ok. One can send mails to entries in virtual as in users table - just when I add the one line *everything* ends up in office@mydomain.

Kashani, I dont really know where to start looking for - what config-files are related to this problem? Is it the postfix-configuration? I guess cyrus, courier, pam_mysql, mailman and spamassassin are not related, correct? In this case, here is my postconf -n:

```

root # postconf -n

alias_database = hash:/etc/mail/aliases

alias_maps = mysql:/etc/postfix/mysql-aliases.cf

broken_sasl_auth_clients = yes

command_directory = /usr/sbin

config_directory = /etc/postfix

daemon_directory = /usr/lib/postfix

debug_peer_level = 2

default_destination_concurrency_limit = 2

home_mailbox = .maildir/

inet_interfaces = all

local_destination_concurrency_limit = 2

local_recipient_maps = $alias_maps $virtual_mailbox_maps unix:passwd.byname

local_transport = local

mail_owner = postfix

mailq_path = /usr/bin/mailq

manpage_directory = /usr/share/man

mydestination = $myhostname, localhost.$mydomain, dmz.$mydomain, localhost

mydomain = sos-mitmensch.at

myhostname = mail.sos-mitmensch.at

mynetworks = 10.1.1.0/24, 127.0.0.0/8

myorigin = $mydomain

newaliases_path = /usr/bin/newaliases

queue_directory = /var/spool/postfix

readme_directory = /usr/share/doc/postfix-2.0.16-r1/readme

relocated_maps = mysql:/etc/postfix/mysql-relocated.cf

sample_directory = /etc/postfix/sample

sendmail_path = /usr/sbin/sendmail

setgid_group = postdrop

smtpd_recipient_restrictions = permit_sasl_authenticated,        permit_mynetworks,        reject_unauth_destination

smtpd_sasl_auth_enable = yes

smtpd_sasl_local_domain = 

smtpd_sasl_security_options = noanonymous

smtpd_tls_CAfile = /etc/postfix/cacert.pem

smtpd_tls_cert_file = /etc/postfix/newcert.pem

smtpd_tls_key_file = /etc/postfix/newreq.pem

smtpd_tls_loglevel = 3

smtpd_tls_received_header = yes

smtpd_tls_session_cache_timeout = 3600s

smtpd_use_tls = yes

tls_random_source = dev:/dev/urandom

unknown_local_recipient_reject_code = 550

virtual_alias_maps = mysql:/etc/postfix/mysql-virtual.cf

virtual_gid_maps = static:100

virtual_mailbox_base = /

virtual_mailbox_domains = social.at, sos-mitmensch.at

virtual_mailbox_maps = mysql:/etc/postfix/mysql-virtual-maps.cf

virtual_minimum_uid = 1000

virtual_transport = virtual

virtual_uid_maps = static:1003

```

----------

## kashani

Well crap.

http://www.marlow.dk/?target=postfix

 *Quote:*   

> 
> 
> Comment - IMPORTANT !!
> 
> There are some caveats in this table and the way, i've chosen to setup my postfix. If you want to use catchall-address (addresses, that collect all mails not going to other recipients), you'll have to make a virtual alias in the postfix_virtual table for every account created in the users-table. If an user isn't found in the postfix_virtual table, but a catchall-address is found, mails will be delivered to the catchall-address instead. By creating a row containing the user (some@domain.tld) in the email- and destination-fields, this doesn't happen. Postfix then also checks the users table and delivers the mail correctly.
> ...

 

Just tested my installation and realized it does work this way, where as my older installtion using the virtual and transport db files works fine. I think I need to do a bit of research tonight on this.

kashani

----------

## alexandero

Kashani, you're completely right. Every user in the users table has also to be listed in the virtual table.

Somehow I get the feeling that this is not the perfect solution, but at least we have a workaround.

----------

## appetitus

 *alexandero wrote:*   

> Somehow I get the feeling that this is not the perfect solution

 

Huh, it is the only solution, and it was first pointed out at the beginning of this thread.  Virtual table is searched FIRST!

----------

