1

Topic: Domain alias not working

==== Required information ====
- iRedMail version:
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): iRedAdmin-Pro-LDAP 1.8.1
- Linux/BSD distribution name and version: Ubuntu 10.04
- Related log if you're reporting an issue:
====

Hi, me again.

I'm having an issue where postfix won't accept mail for an alias domain.

Imagine I have the following domains set up in iredadmin:

examplesender.com
examplerecipient.com + examplealias.com as it's domain alias

When sending from matt@examplesender.com to richard@examplealias.com:

Dec  5 10:50:29 tay postfix/smtpd[19511]: NOQUEUE: reject: RCPT from ********: 550 5.1.1 <richard@examplealias.com>: Recipient address rejected: User unknown in virtual mailbox table; from=<matt@examplesender.com> to=<richard@examplealias.com> proto=ESMTP helo=<Matts-iMac.local>

And when sending to the main domain:

Dec  5 11:22:15 tay postfix/smtpd[22233]: 3F65E254FE: ******, sasl_method=PLAIN, sasl_username=matt@examplesender.com
Dec  5 11:22:15 tay postfix/cleanup[21973]: 3F65E254FE: message-id=<50BF2E66.3040704@examplesender.com>
Dec  5 11:22:15 tay postfix/qmgr[1618]: 3F65E254FE: from=<matt@examplesender.com>, size=23232, nrcpt=1 (queue active)
Dec  5 11:22:21 tay postfix/smtp[22086]: 3F65E254FE: to=<richard@examplerecipient.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=6.1, delays=0.7/0/0/5.4, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=22380-03, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 33E7925498)
Dec  5 11:22:21 tay postfix/qmgr[1618]: 3F65E254FE: removed

root@tay /etc/postfix # postconf -n

alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
allow_min_user = no
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 1d
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = smtp-amavis:[127.0.0.1]:10024
delay_warning_time = 0h
disable_vrfy_command = yes
enable_original_recipient = no
home_mailbox = Maildir/
inet_interfaces = all
inet_protocols = ipv4
mail_name = iRedMail
mail_version = 0.6.1
mailbox_command = /usr/lib/dovecot/deliver
mailbox_size_limit = 0
maximal_backoff_time = 4000s
maximal_queue_lifetime = 1d
message_size_limit = 0
minimal_backoff_time = 300s
mydestination = $myhostname, localhost, localhost.localdomain, localhost.$myhostname
mydomain = **********.co.uk
myhostname = tay.**********.co.uk
mynetworks = 127.0.0.0/8
mynetworks_style = subnet
myorigin = tay.**********.co.uk
proxy_read_maps = $canonical_maps $lmtp_generic_maps $local_recipient_maps $mydestination $mynetworks $recipient_bcc_maps $recipient_canonical_maps $relay_domains $relay_recipient_maps $relocated_maps $sender_bcc_maps $sender_canonical_maps $smtp_generic_maps $smtpd_sender_login_maps $transport_maps $virtual_alias_domains $virtual_alias_maps $virtual_mailbox_domains $virtual_mailbox_maps
queue_run_delay = 300s
readme_directory = no
recipient_bcc_maps = proxy:ldap:/etc/postfix/ldap_recipient_bcc_maps_domain.cf, proxy:ldap:/etc/postfix/ldap_recipient_bcc_maps_user.cf
recipient_delimiter = +
relay_domains = $mydestination, proxy:ldap:/etc/postfix/ldap_relay_domains.cf
relayhost = 
sender_bcc_maps = proxy:ldap:/etc/postfix/ldap_sender_bcc_maps_domain.cf, proxy:ldap:/etc/postfix/ldap_sender_bcc_maps_user.cf
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtpd_banner = $myhostname ESMTP $mail_name (Ubuntu)
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_enforce_tls = no
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, check_helo_access pcre:/etc/postfix/helo_access.pcre
smtpd_recipient_restrictions = reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unlisted_recipient, check_policy_service inet:127.0.0.1:7777, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_helo_hostname, check_policy_service inet:127.0.0.1:10031
smtpd_reject_unlisted_recipient = yes
smtpd_reject_unlisted_sender = yes
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = no
smtpd_sasl_local_domain = 
smtpd_sasl_path = dovecot-auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_login_maps = proxy:ldap:/etc/postfix/ldap_sender_login_maps.cf
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated
smtpd_tls_cert_file = /etc/ssl/certs/iRedMail_CA.pem
smtpd_tls_key_file = /etc/ssl/private/iRedMail.key
smtpd_tls_loglevel = 0
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
transport_maps = proxy:ldap:/etc/postfix/ldap_transport_maps_user.cf, proxy:ldap:/etc/postfix/ldap_transport_maps_domain.cf
virtual_alias_maps = proxy:ldap:/etc/postfix/ldap_virtual_alias_maps.cf, proxy:ldap:/etc/postfix/ldap_virtual_group_maps.cf, proxy:ldap:/etc/postfix/ldap_sender_login_maps.cf, proxy:ldap:/etc/postfix/ldap_catch_all_maps.cf
virtual_gid_maps = static:1001
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:ldap:/etc/postfix/ldap_virtual_mailbox_domains.cf
virtual_mailbox_maps = proxy:ldap:/etc/postfix/ldap_virtual_mailbox_maps.cf
virtual_minimum_uid = 1001
virtual_transport = dovecot
virtual_uid_maps = static:1001

root@tay /etc/postfix # cat ldap_virtual_alias_maps.cf

#
# File generated by iRedMail (2011.02.27.07.52.10):
#
# Version:  0.6.1
# Project:  http://www.iredmail.org/
#
# Community: http://www.iredmail.org/forum/
#

server_host     = 127.0.0.1
server_port     = 389
version         = 3
bind            = yes
start_tls       = no
bind_dn         = cn=vmail,dc=*******,dc=co,dc=uk
bind_pw         = ********
search_base     = o=domains,dc=********,dc=co,dc=uk
scope           = sub
query_filter    = (&(|(mail=%s)(shadowAddress=%s))(accountStatus=active)(enabledService=mail)(enabledService=deliver)(|(objectClass=mailAlias)(&(objectClass=mailUser)(enabledService=forward))))
result_attribute= mailForwardingAddress
debuglevel      = 0

root@tay /etc/postfix # cat ldap_virtual_mailbox_domains.cf

#
# File generated by iRedMail (2011.02.27.07.52.10):
#
# Version:  0.6.1
# Project:  http://www.iredmail.org/
#
# Community: http://www.iredmail.org/forum/
#

server_host     = 127.0.0.1
server_port     = 389
bind            = yes
start_tls       = no
version         = 3
bind_dn         = cn=vmail,dc=********,dc=co,dc=uk
bind_pw         = *********
search_base     = o=domains,dc=********,dc=co,dc=uk
scope           = one
query_filter    = (&(objectClass=mailDomain)(|(domainName=%s)(&(enabledService=domainalias)(domainAliasName=%s)))(!(domainBackupMX=yes))(accountStatus=active)(enabledService=mail))
result_attribute= domainName
debuglevel      = 0

root@tay /etc/postfix # cat ldap_virtual_mailbox_maps.cf

#
# File generated by iRedMail (2011.02.27.07.52.10):
#
# Version:  0.6.1
# Project:  http://www.iredmail.org/
#
# Community: http://www.iredmail.org/forum/
#

server_host     = 127.0.0.1
server_port     = 389
version         = 3
bind            = yes
start_tls       = no
bind_dn         = cn=vmail,dc=********,dc=co,dc=uk
bind_pw         = *********
search_base     = o=domains,dc=********,dc=co,dc=uk
scope           = sub
query_filter    = (&(objectClass=mailUser)(|(mail=%s)(&(enabledService=shadowaddress)(shadowAddress=%s)))(accountStatus=active)(enabledService=mail)(enabledService=deliver))
result_attribute= mailMessageStore
result_format   = %s/Maildir/
debuglevel      = 0

Any ideas?

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Domain alias not working

from=<matt@examplesender.com> to=<richard@examplealias.com>

Could you please paste LDIF data of user "matt@examplesender.com"?

You can get LDIF data with below steps:

- Login to iRedAdmin-Pro-LDAP as global admin
- Navigate to user profile page of "matt@examplesender.com"
- Click "Export account to LDIF" under profile tab "General".

3

Re: Domain alias not working

Sender LDIF:

dn: mail=matt@examplesender.com,ou=Users,domainName=examplesender.com,o=domains,dc=********,dc=co,dc=uk
accountStatus: active
amavisBlacklistSender: @progressiverecruitment.co.uk
amavisBlacklistSender: @progressiverecruitment.com
amavisLocal: TRUE
cn: Matt Jones
enabledService: mail
enabledService: internal
enabledService: smtp
enabledService: smtpsecured
enabledService: pop3
enabledService: pop3secured
enabledService: imap
enabledService: imapsecured
enabledService: deliver
enabledService: forward
enabledService: shadowaddress
enabledService: managesieve
enabledService: managesievesecured
enabledService: recipientbcc
enabledService: senderbcc
enabledService: displayedInGlobalAddressBook
enabledService: sieve
enabledService: sievesecured
enabledService: lda
homeDirectory: /var/vmail/vmail1/examplesender.com/m/a/t/matt-2011.07.06.09.41.05/
mail: matt@examplesender.com
mailMessageStore: vmail1/examplesender.com/m/a/t/matt-2011.07.06.09.41.05/
mailQuota: 26843545600
memberOfGroup: servermon@examplesender.com
memberOfGroup: employees@examplesender.com
objectClass: inetOrgPerson
objectClass: mailUser
objectClass: shadowAccount
objectClass: amavisAccount
shadowAddress: mattjones@examplesender.com
shadowAddress: serverwatch@examplesender.com
shadowAddress: dan@examplesender.com
shadowAddress: mail-daemon@examplesender.com
shadowAddress: matt.jones@examplesender.com
shadowAddress: matt.home@examplesender.com
sn: matt
storageBaseDirectory: /var/vmail
title: Web Developer
uid: matt
userPassword: ********

Recipient LDIF:

dn: mail=richard@examplerecipient.com,ou=Users,domainName=examplerecipient.com,o=domains,dc=********,dc=co,dc=uk
accountStatus: active
amavisLocal: TRUE
cn: Richard
enabledService: mail
enabledService: deliver
enabledService: lda
enabledService: smtp
enabledService: smtpsecured
enabledService: pop3
enabledService: pop3secured
enabledService: imap
enabledService: imapsecured
enabledService: managesieve
enabledService: managesievesecured
enabledService: sieve
enabledService: sievesecured
enabledService: forward
enabledService: senderbcc
enabledService: recipientbcc
enabledService: internal
enabledService: shadowaddress
enabledService: displayedInGlobalAddressBook
homeDirectory: /var/vmail/vmail1/examplerecipient.com/r/i/c/richard-2012.09.20.11.54.17/
mail: richard@examplerecipient.com
mailMessageStore: vmail1/examplerecipient.com/r/i/c/richard-2012.09.20.11.54.17/
mailQuota: 536870912
objectClass: inetOrgPerson
objectClass: mailUser
objectClass: shadowAccount
objectClass: amavisAccount
shadowAddress: enquiries@examplerecipient.com
shadowLastChange: 0
sn: richard
storageBaseDirectory: /var/vmail
uid: richard
userPassword: ******

(I've sensored some parts as I don't want to paste the raw outputs here. I can email them to you if you need.)

4

Re: Domain alias not working

As you can see, it has correct alias addresses (shadowAddress) and service (enabledService=shadowaddress). So the LDIF data is fine.
Could you please paste me output of below commands:

# cd /etc/postfix/
# for cf in $(ls ldap_*.cf); do echo ${cf}; postmap -q "matt@examplesender.com" ldap:./${cf}; done
# for cf in $(ls ldap_*.cf); do echo ${cf}; postmap -q "richard@examplealias.com" ldap:./${cf}; done

5

Re: Domain alias not working

matt@examplesender.com

root@tay /etc/postfix # for cf in $(ls ldap_*.cf); do echo ${cf}; postmap -q "matt@examplesender.com" ldap:./${cf}; done
ldap_catch_all_maps.cf
ldap_recipient_bcc_maps_domain.cf
ldap_recipient_bcc_maps_user.cf
ldap_relay_domains.cf
ldap_sender_bcc_maps_domain.cf
ldap_sender_bcc_maps_user.cf
ldap_sender_login_maps.cf
matt@examplesender.com
ldap_transport_maps_domain.cf
ldap_transport_maps_user.cf
ldap_virtual_alias_maps.cf
ldap_virtual_group_maps.cf
ldap_virtual_mailbox_domains.cf
ldap_virtual_mailbox_maps.cf
vmail1/examplesender.com/m/a/t/matt-2011.07.06.09.41.05//Maildir/

richard@examplealias.com

root@tay /etc/postfix # for cf in $(ls ldap_*.cf); do echo ${cf}; postmap -q "richard@examplealias.com" ldap:./${cf}; done
ldap_catch_all_maps.cf
ldap_recipient_bcc_maps_domain.cf
ldap_recipient_bcc_maps_user.cf
ldap_relay_domains.cf
ldap_sender_bcc_maps_domain.cf
ldap_sender_bcc_maps_user.cf
ldap_sender_login_maps.cf
ldap_transport_maps_domain.cf
ldap_transport_maps_user.cf
ldap_virtual_alias_maps.cf
ldap_virtual_group_maps.cf
ldap_virtual_mailbox_domains.cf
ldap_virtual_mailbox_maps.cf

richard@examplerecipient.com

root@tay /etc/postfix # for cf in $(ls ldap_*.cf); do echo ${cf}; postmap -q "richard@examplerecipient.com" ldap:./${cf}; done
ldap_catch_all_maps.cf
ldap_recipient_bcc_maps_domain.cf
ldap_recipient_bcc_maps_user.cf
ldap_relay_domains.cf
ldap_sender_bcc_maps_domain.cf
ldap_sender_bcc_maps_user.cf
ldap_sender_login_maps.cf
richard@examplerecipient.com
ldap_transport_maps_domain.cf
ldap_transport_maps_user.cf
ldap_virtual_alias_maps.cf
ldap_virtual_group_maps.cf
ldap_virtual_mailbox_domains.cf
ldap_virtual_mailbox_maps.cf
vmail1/examplerecipient.com/r/i/c/richard-2012.09.20.11.54.17//Maildir/

6 (edited by orphans 2012-12-06 23:56:00)

Re: Domain alias not working

Ok I'm guessing I need to change sender_login_maps.cf

query_filter    = (&(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=smtp)(mail=%s))

to

query_filter    = (&(objectClass=mailUser)(accountStatus=active)(enabledService=mail)(enabledService=smtp)(|(mail=%s)(&(enabledService=shadowaddress)(shadowAddress=%s))))

(Taken from a newer iRedMail installation)

7

Re: Domain alias not working

orphans wrote:

# Version:  0.6.1

iRedMail-0.6.1 is out of date, please upgrade it to the latest stable release by following our upgrade tutorials here:
http://iredmail.org/doc.html#upgrade_tutorial