[Software] Postfix alias problem?

[geosoft]

I installed and configured mail server on Debian 12 with Postfix (virtual users in mysql).
Everything is ok, until I needed an alias like alias@domain.com to direct emails to user1@domain.com and user2@domain.com.
From the other domain alias works ok, from my domains, with address like any_address@domain.com, with e-mail client (outlook, thunderbird...) any email sent to alias@domain.com returns the error "User doesn't exist: alias@domain.com". From Roundcube (localhost), from any_address@domain.com, any e-mail to alias@domain.com is ok.

My main.cf is:
queue_directory = /var/spool/postfix

# TLS parameters

smtpd_tls_cert_file = /etc/letsencrypt/live/domain.com/fullchain.pem
smtpd_tls_key_file = /etc/letsencrypt/live/domain.com/privkey.pem
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

myhostname = mail.domain.com
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = /etc/mailname
mydestination = $myhostname, mail.domain.com, localhost.domain.com, localhost
relayhost =
mynetworks = 127.0.0.0/8 217.external_IP/32 192.168.xx.0/24 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4
html_directory = /usr/share/doc/postfix/html

home_mailbox = Maildir/
virtual_mailbox_base = /var/spool/mail
virtual_gid_maps = static:5000
virtual_minimum_uid = 5000
virtual_uid_maps = static:5000

maximal_queue_lifetime = 1h
bounce_queue_lifetime = 1h
maximal_backoff_time = 15m
minimal_backoff_time = 5m
queue_run_delay = 5m

tls_preempt_cipherlist = yes
tls_ssl_options = NO_COMPRESSION
tls_high_cipherlist = EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA256:EECDH:+CAMELLIA128:+AES128:+SSLv3:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!IDEA:!ECDSA:kEDH:CAMELLIA128-SHA:AES128-SHA

smtp_tls_security_level = dane
smtp_dns_support_level = dnssec
#smtp_tls_policy_maps = mysql:/etc/postfix/tls-policy.cf
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_tls_protocols = !SSLv2, !SSLv3
smtp_tls_ciphers = high
smtp_tls_CAfile = /etc/letsencrypt/live/domain.com/cert.pem

smtpd_tls_security_level = may
smtpd_tls_protocols = !SSLv2, !SSLv3
smtpd_tls_ciphers = high
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache

virtual_transport = lmtp:unix:private/dovecot-lmtp

smtpd_milters = inet:localhost:11332
non_smtpd_milters = inet:localhost:11332
milter_protocol = 6
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_default_action = accept

smtpd_relay_restrictions = reject_non_fqdn_recipient
reject_unknown_recipient_domain
permit_mynetworks
reject_unauth_destination

smtpd_client_restrictions = permit_mynetworks
check_client_access hash:/etc/postfix/without_ptr
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks
reject_invalid_helo_hostname
reject_non_fqdn_helo_hostname
reject_unknown_helo_hostname

# Block clients, which start sending too early
smtpd_data_restrictions = reject_unauth_pipelining

mua_relay_restrictions = reject_non_fqdn_recipient,reject_unknown_recipient_domain,permit_mynetworks,permit_sasl_authenticated,reject
mua_sender_restrictions = permit_mynetworks,reject_non_fqdn_sender,reject_sender_login_mismatch,permit_sasl_authenticated,reject
mua_client_restrictions = permit_mynetworks,permit_sasl_authenticated,reject

### Postscreen Whitelist / Blocklist
postscreen_access_list = permit_mynetworks
cidr:/etc/postfix/postscreen_access
postscreen_blacklist_action = drop

# Drop connections if other server is sending too quickly
postscreen_greet_action = drop


### DNS blocklists
postscreen_dnsbl_threshold = 2
postscreen_dnsbl_sites = ix.dnsbl.manitu.net*2
zen.spamhaus.org*2
postscreen_dnsbl_action = drop

## MySQL queries

local_recipient_maps = $virtual_mailbox_maps
virtual_alias_maps = mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_mailbox_domains = mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf

### Maximum mailbox size (0=unlimited - is already limited by Dovecot quota)
mailbox_size_limit = 0

### Maximum size of inbound e-mails (50 MB)
message_size_limit = 52428800

### Do not notify system users on new e-mail
biff = no

### Users always have to provide full e-mail addresses
append_dot_mydomain = no

### Delimiter for "Address Tagging"
recipient_delimiter = +


Where is the problem?
Thanks!

[reinob]

first of all: you are most likely not the owner of domain.com so don't use it as example. Use example.com OK?
(or something like <my-domain> or whatever, as long as it's not a real domain you don't own yourself).

[reinob]

It's also hard to debug without knowing how your querying the database, and how the database looks like.

Do I understand correctly that when you use Outlook to send From: any_address@<your-domain> To: alias@<your-domain> it gives the error message, but when you use your local Roundcube instance to do exactly the same it works?

What does the postfix log show in both cases?

[geosoft]

In mysql there is no difference between the two queries, so it is not a database problem or the query mode.
If I use Roundcube to send mail from any <any_address@my-domain> to alias@my-domain it works without any problems.
Just using any email client, both from inside the network and from outside, I get the message "unknown user"

Postfix log for <my-address@gmail.com> to <alias@my-domain>:

Code: Select all

2025-01-12T08:54:38.944224+02:00 mail postfix/postscreen[418067]: CONNECT from [209.85.218.47]:50282 to [217.156.xx.xx]:25
2025-01-12T08:54:44.103451+02:00 mail postfix/postscreen[418067]: PASS OLD [209.85.218.47]:50282
2025-01-12T08:54:44.667110+02:00 mail postfix/smtpd[418070]: connect from mail-ej1-f47.google.com[209.85.218.47]
2025-01-12T08:54:44.960259+02:00 mail postfix/smtpd[418070]: EA5B79420085: client=mail-ej1-f47.google.com[209.85.218.47]
2025-01-12T08:54:44.963405+02:00 mail postfix/cleanup[418072]: EA5B79420085: message-id=<0b59c28d-871e-46e9-98cc-ab6356a6dfe2@gmail.com>
2025-01-12T08:54:45.717789+02:00 mail postfix/qmgr[372376]: EA5B79420085: from=<my_address>@gmail.com>, size=4322, nrcpt=2 (queue active)
2025-01-12T08:54:45.742145+02:00 mail dovecot: lmtp(418075): Connect from local
2025-01-12T08:54:45.760417+02:00 mail dovecot: lmtp(<user1@my-domain>)<418075><Pls0LDVng2cbYQYA1GV6Ug>: sieve: msgid=<0b59c28d-871e-46e9-98cc-ab6356a6dfe2@gmail.com>: stored mail into mailbox 'INBOX'
2025-01-12T08:54:45.762574+02:00 mail postfix/smtpd[418070]: disconnect from mail-ej1-f47.google.com[209.85.218.47] ehlo=2 starttls=1 mail=1 rcpt=1 bdat=1 quit=1 commands=7
2025-01-12T08:54:45.764652+02:00 mail dovecot: lmtp(<user2@my-domain>)<418075><Pls0LDVng2cbYQYA1GV6Ug:R2>: sieve: msgid=<0b59c28d-871e-46e9-98cc-ab6356a6dfe2@gmail.com>: stored mail into mailbox 'INBOX'
2025-01-12T08:54:45.765265+02:00 mail postfix/lmtp[418074]: EA5B79420085: to=<user1@my-domain>, orig_to=<alias@my-domain>, relay=mail.xxx.xxx[private/dovecot-lmtp], delay=0.82, delays=0.77/0.01/0.01/0.02, dsn=2.0.0, status=sent (250 2.0.0 <user2@my-domain> Pls0LDVng2cbYQYA1GV6Ug Saved)
2025-01-12T08:54:45.765366+02:00 mail postfix/lmtp[418074]: EA5B79420085: to=<user2@my-domanin>, orig_to=<alias@my-domain>, relay=mail.xxx.xxx[private/dovecot-lmtp], delay=0.82, delays=0.77/0.01/0.01/0.02, dsn=2.0.0, status=sent (250 2.0.0 <user2@my-domaina> Pls0LDVng2cbYQYA1GV6Ug:R2 Saved)
2025-01-12T08:54:45.765447+02:00 mail dovecot: lmtp(418075): Disconnect from local: Logged out (state=READY)
2025-01-12T08:54:45.765535+02:00 mail postfix/qmgr[372376]: EA5B79420085: removed

Postfix log for <my-address@my-domain> to <alias@my-domain>:

Code: Select all

2025-01-12T09:01:13.000102+02:00 mail postfix/smtpd[418089]: connect from unknown[81.196.174.208]
2025-01-12T09:01:13.322538+02:00 mail postfix/smtpd[418089]: 4EAE3942006E: client=unknown[81.196.174.208], sasl_method=PLAIN, sasl_username=<my-address@my-domain>
2025-01-12T09:01:13.415560+02:00 mail postfix/cleanup[418098]: 4EAE3942006E: message-id=<2e36847f-bc01-4cc9-8edc-eb26e8a7fc8e@my-domain>
2025-01-12T09:01:13.675919+02:00 mail postfix/qmgr[372376]: 4EAE3942006E: from=<my-address@my-domanin>, size=869, nrcpt=1 (queue active)
2025-01-12T09:01:13.677573+02:00 mail dovecot: lmtp(418101): Connect from local
2025-01-12T09:01:13.679573+02:00 mail postfix/lmtp[418100]: 4EAE3942006E: to=<alias@my-domanin>, relay=mail.xxx.xxx[private/dovecot-lmtp], delay=0.4, delays=0.4/0/0/0, dsn=5.1.1, status=bounced (host mail.xxx.xxx[private/dovecot-lmtp] said: 550 5.1.1 <alias@my-domain> User doesn't exist: <alias@my-domain> (in reply to RCPT TO command))

Thanks!

[geosoft]

any ideas where I can look for a solution?

[dilberts_left_nut]

Do you have different mail paths for 'local' mail (Vs 'external')?
Maybe including a 'no_address_mappings' override or such.

[geosoft]

Hello!
I removed no_address_mappings in master.cf and everything works perfectly.
Problem solved!

Many thanks for the support!