OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
status=bounced, unknown user weirdness

From: Joona Hoikkala (joonakuori.org)
Date: Wed Aug 29 2007 - 10:20:27 CDT


Hello!

I'm having this strange problem with postfix and virtual e-mail
addresses. Everything sent to "real" mailboxes gets thru perfectly.
But problem is with virtual email aliases.
Seems like smtpd is able to "resolve" the address where mail sent to
alias should go to, but virtual is unable to figure it out... postmap
-q is able to resolve the alias aswell, this leaves me puzzled. Any
ideas?

I tried to include everything useful here:

Mail sent to "testausxox.fi" ... from /var/log/mail.info:

Aug 29 18:00:55 gorilla postfix/smtpd[17581]: connect from flexo.
4tune.fi[212.83.122.100]
Aug 29 18:00:55 gorilla postfix/smtpd[17581]: 3A3A98ECF: client=flexo.
4tune.fi[212.83.122.100]
Aug 29 18:00:55 gorilla postfix/cleanup[13316]: 3A3A98ECF: message-
id=<52F30AA6-7E99-4989-8F0D-DC0D7036280Dkummeligroup.fi>
Aug 29 18:00:55 gorilla postfix/qmgr[8240]: 3A3A98ECF:
from=<joona.hoikkalakummeligroup.fi>, size=796, nrcpt=1 (queue active)
Aug 29 18:00:55 gorilla postfix/smtpd[17581]: disconnect from flexo.
4tune.fi[212.83.122.100]
Aug 29 18:00:55 gorilla postfix/virtual[14786]: 3A3A98ECF:
to=<testausxox.fi>, relay=virtual, delay=0.29,
delays=0.11/0.07/0/0.12, dsn=5.1.1, status=bounced (unknown user:
"testausxox.fi")
Aug 29 18:00:55 gorilla postfix/cleanup[13316]: 78F478EE5: message-
id=<20070829150055.78F478EE5mail.kuori.org>
Aug 29 18:00:55 gorilla postfix/bounce[6549]: 3A3A98ECF: sender non-
delivery notification: 78F478EE5
Aug 29 18:00:55 gorilla postfix/qmgr[8240]: 78F478EE5: from=<>,
size=2525, nrcpt=1 (queue active)
Aug 29 18:00:55 gorilla postfix/qmgr[8240]: 3A3A98ECF: removed
Aug 29 18:00:55 gorilla postfix/smtp[20649]: 78F478EE5:
to=<joona.hoikkalakummeligroup.fi>, relay=mxfilter1.kummeligroup.fi
[212.83.122.17]:25, delay=0.13, delays=0.07/0.03/0.02/0, dsn=2.0.0,
status=sent (250 2.0.0 Ok: queued as 173E61CF67)
Aug 29 18:00:55 gorilla postfix/qmgr[8240]: 78F478EE5: removed

opposed to sending to invalid e-mail address /var/log/mail.info:

Aug 29 18:05:30 gorilla postfix/smtpd[30124]: connect from flexo.
4tune.fi[212.83.122.100]
Aug 29 18:05:30 gorilla postfix/smtpd[30124]: NOQUEUE: reject: RCPT
from flexo.4tune.fi[212.83.122.100]: 550 5.1.1
<invalid.mailaddressxox.fi>: Recipient address rejected: User
unknown in virtual mailbox table;
from=<joona.hoikkalakummeligroup.fi> to=<invalid.mailaddressxox.fi>
proto=ESMTP helo=<flexo.4tune.fi>
Aug 29 18:05:30 gorilla postfix/smtpd[30124]: disconnect from flexo.
4tune.fi[212.83.122.100]

However,
joonagorilla:~$ sudo postmap -q testausxox.fi proxy:mysql:/etc/
postfix/mysql_virtual_alias_maps.cf
joonakuori.org
joonagorilla:~$ echo $?
0

Mailboxes (while virtual aswell) work fine tho:

Aug 29 18:09:47 gorilla postfix/smtpd[10969]: connect from flexo.
4tune.fi[212.83.122.100]
Aug 29 18:09:47 gorilla postfix/smtpd[10969]: DF5668EDA: client=flexo.
4tune.fi[212.83.122.100]
Aug 29 18:09:47 gorilla postfix/cleanup[26815]: DF5668EDA: message-
id=<332D2EA6-619C-4954-853A-EF04BECC2E6Dkummeligroup.fi>
Aug 29 18:09:48 gorilla postfix/qmgr[8240]: DF5668EDA:
from=<joona.hoikkalakummeligroup.fi>, size=790, nrcpt=1 (queue active)
Aug 29 18:09:48 gorilla postfix/smtpd[10969]: disconnect from flexo.
4tune.fi[212.83.122.100]
Aug 29 18:09:48 gorilla postfix/virtual[19634]: DF5668EDA:
to=<joonakuori.org>, relay=virtual, delay=0.13, delays=0.1/0/0/0.03,
dsn=2.0.0, status=sent (delivered to maildir)
Aug 29 18:09:48 gorilla postfix/qmgr[8240]: DF5668EDA: removed

/etc/postfix/main.cf:

# See /usr/share/postfix/main.cf.dist for a commented, more complete
version

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

myhostname = mail.kuori.org
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = kuori.org
mydestination = mail.kuori.org, localhost.kuori.org, localhost,
localhost.localdomain
relayhost =
mynetworks = 127.0.0.0/8
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
mydomain = kuori.org
smtpd_tls_key_file = /etc/postfix/ssl/privkey.pem
smtpd_tls_cert_file = /etc/postfix/ssl/cert.pem
smtpd_tls_CAfile = /etc/postfix/ssl/cacert.pem
smtpd_tls_received_header = yes
smtpd_use_tls = yes
virtual_minimum_uid = 6060
virtual_gid_maps = static:6060
virtual_uid_maps = static:6060
virtual_alias_maps = proxy:mysql:/etc/postfix/
mysql_virtual_alias_maps.cf, hash:/etc/postfix/virtual
virtual_mailbox_domains = proxy:mysql:/etc/postfix/
mysql_virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/
mysql_virtual_mailbox_maps.cf
virtual_transport = virtual
virtual_mailbox_base = /home/vmail/
#maildrop_destination_concurrency_limit = 2
#maildrop_destination_recipient_limit = 1
broken_sasl_auth_clients = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_security_options = noanonymous
smtpd_sasl_authenticated_header = yes
smtpd_recipient_restrictions = permit_mynetworks,
permit_sasl_authenticated, reject_unauth_destination
transport_maps = hash:/etc/postfix/transport
#transport_destination_recipient_limit = 1
propagate_unmatched_extensions = canonical, virtual

/etc/postfix/master.cf:

#
========================================================================
==
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
#
========================================================================
==
smtp inet n - - - - smtpd
-o smtpd_use_tls=no
   -o smtpd_sasl_auth_enable=no
   -o receive_override_options=no_address_mappings
# If they want to relay, make them use port 587 (submission) or port
465 (smtps)
# If using submission port, configure client to use CRAM-MD5
submission inet n - - - - smtpd
   -o smtpd_use_tls=no
   -o smtpd_sasl_auth_enable=yes
   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
   -o receive_override_options=no_address_mappings
# Outlook and OE (and many others) expect smtpd_tls_wrappermode,
# so have them submit here (port 465):
smtps inet n - - - - smtpd
   -o smtpd_enforce_tls=yes
   -o smtpd_tls_wrappermode=yes
   -o smtpd_sasl_auth_enable=yes
   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
   -o receive_override_options=no_address_mappings
# We will use port 4650 for clients that use STARTTLS:
4650 inet n - - - - smtpd
   -o smtpd_enforce_tls=yes
   -o smtpd_sasl_auth_enable=yes
   -o smtpd_client_restrictions=permit_sasl_authenticated,reject
   -o receive_override_options=no_address_mappings

#submission inet n - - - - smtpd
# -o smtpd_etrn_restrictions=reject
#628 inet n - - - - qmqpd
pickup fifo n - - 60 1 pickup
cleanup unix n - - - 0 cleanup
qmgr fifo n - - 300 1 qmgr
#qmgr fifo n - - 300 1 oqmgr
rewrite unix - - - - - trivial-rewrite
bounce unix - - - - 0 bounce
defer unix - - - - 0 bounce
trace unix - - - - 0 bounce
verify unix - - - - 1 verify
flush unix n - - 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - - - - smtp
relay unix - - - - - smtp
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - - - - showq
error unix - - - - - error
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
#
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
#
# maildrop. See the Postfix MAILDROP_README file for details.
#
#maildrop unix - n n - - pipe
# flags=Ru user=vmail argv=/usr/bin/maildrop -d ${recipient}

#alkup ->>>
#maildrop unix - n n - - pipe
# flags=DRhu user=vmail:daemon argv=/usr/bin/maildrop -w 90 -d $
{user}${nexthop} \
# ${extension} ${recipient} ${user} ${nexthop}
#maildrop unix - n n - - pipe
# flags=ODRhu user=vmail argv=/usr/bin/maildrop -d ${recipient}

#vacation unix - n n - - pipe
# flags=Rq user=vacation argv=/var/spool/vacation/vacation.pl -f $
{sender} -- ${recipient}

uucp unix - n n - - pipe
   flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail
($recipient)
ifmail unix - n n - - pipe
   flags=F user=ftn argv=/usr/lib/ifmail/ifmail -r $nexthop ($recipient)
bsmtp unix - n n - - pipe
   flags=Fq. user=bsmtp argv=/usr/lib/bsmtp/bsmtp -d -t$nexthop -f
$sender $recipient
scalemail-backend unix - n n - 2 pipe
   flags=R user=scalemail argv=/usr/lib/scalemail/bin/scalemail-store
${nexthop} ${user} ${extension}

vdelivermail unix - n n - - pipe
   flags=R user=qmailq argv=/usr/sbin/sendmail ${recipient}

# only used by postfix-tls
#tlsmgr fifo - - n 300 1 tlsmgr
#smtps inet n - n - - smtpd -o smtpd_tls_wrappermode=yes -o
smtpd_sasl_auth_enable=yes
#587 inet n - n - - smtpd -o smtpd_enforce_tls=yes -o
smtpd_sasl_auth_enable=yes
tlsmgr unix - - - 1000? 1 tlsmgr
scache unix - - - - 1 scache
discard unix - - - - - discard

--
jh