Hi there

I setup a virtual server with these configurations:
1. Mail server: POSTFIX / DOVECOT
2. Webmin / Virtualmin

I am getting email to desired folders locally but I am not getting email from outside to desired users. Emails are bounced back with message "Address not found in virtual alias table".

Recent log errors are:

Sep 8 04:25:49 server1 postfix/smtpd[28002]: cannot load Certificate Authority data
Sep 8 04:25:49 server1 postfix/smtpd[28002]: warning: TLS library problem: 28002:error:02001002:system library:fopen:No such file or directory:bss_file.c:122:fopen('/etc/pki/postfix/root.crt','r'):
Sep 8 04:25:49 server1 postfix/smtpd[28002]: warning: TLS library problem: 28002:error:2006D080:BIO routines:BIO_new_file:no such file:bss_file.c:125:
Sep 8 04:25:49 server1 postfix/smtpd[28002]: warning: TLS library problem: 28002:error:0B084002:x509 certificate routines:X509_load_cert_crl_file:system lib:by_file.c:279:
Sep 8 04:25:49 server1 postfix/smtpd[28002]: connect from mail-wy0-f172.google.com[74.125.82.172]
Sep 8 04:25:49 server1 postfix/smtpd[28002]: warning: 172.82.125.74.list.dsbl.org: RBL lookup error: Host or domain name not found. Name service error for name=172.82.125.74.list.dsbl.org type=A: Host not found, try again
Sep 8 04:25:49 server1 postfix/spawn[28008]: warning: command /usr/bin/perl exit status 2
Sep 8 04:25:49 server1 postfix/smtpd[28002]: warning: premature end-of-input on private/spfpolicy while reading input attribute name
Sep 8 04:25:50 server1 postfix/spawn[28008]: warning: command /usr/bin/perl exit status 2
Sep 8 04:25:50 server1 postfix/smtpd[28002]: warning: premature end-of-input on private/spfpolicy while reading input attribute name
Sep 8 04:25:50 server1 postfix/smtpd[28002]: warning: problem talking to server private/spfpolicy: Connection reset by peer

When I send email from my gmail a/c:

Sep 8 04:25:50 server1 postfix/smtpd[28002]: NOQUEUE: reject: RCPT from mail-wy0-f172.google.com[74.125.82.172]: 451 4.3.5 Server configuration problem; from=<xx@gmail.com> to=<x@xx.com> proto=ESMTP helo=<mail-wy0-f172.google.com>
Sep 8 04:25:51 server1 postfix/smtpd[28002]: disconnect from mail-wy0-f172.google.com[74.125.82.172]


main.cf settings:

address_verify_map = btree:/var/spool/postfix/verify
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
disable_vrfy_command = yes
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
mail_owner = postfix
mail_spool_directory = /var/spool/mail
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = xx.com
myhostname = server1.xx.com
mynetworks = 127.0.0.0/8
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = unix:/var/run/dkim-milter/dkim.sock
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
recipient_canonical_maps = hash:/etc/postfix/canonical
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sender_canonical_maps = hash:/etc/postfix/canonical
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_tls_CAfile = /etc/pki/postfix/root.crt
smtp_tls_cert_file = /etc/pki/postfix/server.pem
smtp_tls_key_file = /etc/pki/postfix/key.pem
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_database = btree:/var/spool/postfix/smtp_tls_cache
smtp_use_tls = yes
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_error_sleep_time = 5s
smtpd_hard_error_limit = 20
smtpd_helo_required = yes
smtpd_milters = unix:/var/run/dkim-milter/dkim.sock
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination check_recipient_access hash:/etc/postfix/access reject_unknown_recipient_domain reject_unknown_sender_domain reject_unverified_recipient reject_non_fqdn_recipient reject_non_fqdn_sender reject_invalid_hostname reject_rbl_client list.dsbl.org reject_rbl_client zen.spamhaus.org reject_rbl_client l1.spews.dnsbl.sorbs.net reject_rbl_client combined.njabl.org reject_rbl_client bl.spamcop.net reject_rhsbl_sender dsn.rfc-ignorant.org reject_rhsbl_sender bogusmx.rfc-ignorant.org reject_rhsbl_sender rhsbl.sorbs.net reject_rhsbl_client dsn.rfc-ignorant.org reject_rhsbl_client bogusmx.rfc-ignorant.org reject_rhsbl_client rhsbl.sorbs.net check_policy_service unixrivate/spfpolicy
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = hash:/etc/postfix/sender_access
smtpd_soft_error_limit = 10
smtpd_tls_CAfile = /etc/pki/postfix/root.crt
smtpd_tls_cert_file = /etc/pki/postfix/server.pem
smtpd_tls_key_file = /etc/pki/postfix/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
unverified_recipient_reject_code = 550
unverified_sender_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual

What is the problem here? Please help ... thanks

I haven't read your config - it's the wrong file.
postfix also needs a table of users and aliases, i.e. other names by which you call some users. Mail won't go to root, so root@ must be an alias to some luser.

Postfix has little utilities to make a database from /etc/postfix/aliases to /etc/postfix/aliases.db but it's been a long time. You write the aliases, then run the utility and it writes aliases.db.
Try and fix those 2 errors, and the rest will probably go away.

aliases file and aliases.db files are present in the /etc/ folder. What other config file are you talking about?

There are several spam emails come to the server and the maillog you mentioned is one of them. I dont know about the server address from which the mail is coming from. My domain is an old domain no longer in use from several months.

if you look at the main.cf file, myhostname and domain are a bit different. Is this the cause of the problem or somewhere else?

I picked up the reason for error. The SPF policy isnt working properly, I removed it and postfix works ok. However, forwarding emails isnt working.

This is the error I am getting:

Warning - any rules defined below will not be used : Procmail is not enabled in your Postfix configuration. The configuration file /etc/postfix/main.cf must have the mailbox_command option set to /usr/bin/procmail.