Recipient address rejected:User unknown in virtual alias table 550 5.1.1
 

Hai All,

I have been getting problem in receiving emails from external accounts . I have set up a Mail Server comprising Postfix, Dovecot, roundcube using centos web panelin the centos 6.8 Server machine.

I have no problem sending emails , but the issue comes up when trying to receive emails back from their end to my accounts.

Here is the my configuration file:-

main.cf:-

# postfix config file

# uncomment for debugging if needed
soft_bounce=yes

# postfix main
mail_owner = postfix
setgid_group = postdrop
delay_warning_time = 4

# postfix paths
html_directory = no
command_directory = /usr/sbin
daemon_directory = /usr/libexec/postfix
queue_directory = /var/spool/postfix
sendmail_path = /usr/sbin/sendmail.postfix
newaliases_path = /usr/bin/newaliases.postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man

# network settings
inet_interfaces = all
mydomain =domain.com
myhostname = mail.domain.com
mynetworks = $config_directory/mynetworks
mydestination = $myhostname, localhost.$mydomain, localhost
relay_domains = proxy:mysql:/etc/postfix/mysql-relay_domains_maps.cf

# mail delivery
recipient_delimiter = +

# mappings
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
transport_maps = hash:/etc/postfix/transport
#local_recipient_maps =

# virtual setup
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_alias_maps.cf, regexp:/etc/postfix/virtual_regexp,
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_maps.cf
virtual_mailbox_limit_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailbox_limit_maps.cf
virtual_minimum_uid = 101
virtual_uid_maps = static:101
virtual_gid_maps = static:12
virtual_transport = dovecot
dovecot_destination_recipient_limit = 1

# debugging
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin
xxgdb $daemon_directory/$process_name $process_id & sleep 5

# authentication
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_sasl_local_domain = $myhostname
broken_sasl_auth_clients = yes
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth

# tls config
smtp_use_tls = yes
smtpd_use_tls = yes
smtpd_tls_security_level = may
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
tls_random_source = dev:/dev/urandom
smtp_tls_session_cache_database = btree:$data_directory/smtp_tls_session_cache
# Change mail.example.com.* to your host name
smtpd_tls_key_file = /etc/pki/tls/private/mail.domain.com.key
smtpd_tls_cert_file = /etc/pki/tls/certs/mail.domain.com.crt
smtp_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt
smtpd_tls_CAfile = /etc/pki/tls/certs/ca-bundle.crt

# rules restrictions
smtpd_client_restrictions =
smtpd_helo_restrictions =
smtpd_sender_restrictions =
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unknown_recipient_domain,check_policy_service unix:private/spfpolicy
# uncomment for realtime black list checks
# ,reject_rbl_client zen.spamhaus.org
# ,reject_rbl_client bl.spamcop.net
# ,reject_rbl_client dnsbl.sorbs.net
smtpd_helo_required = yes
unknown_local_recipient_reject_code = 550
disable_vrfy_command = yes
smtpd_data_restrictions = reject_unauth_pipelining

# Other options
# email size limit ~20Meg
message_size_limit = 204800000
mailbox_size_limit = 2048000000

# Vacation Scripts
vacation_destination_recipient_limit = 1
recipient_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_vacation.cf
smtpd_milters = inet:127.0.0.1:8891
non_smtpd_milters = $smtpd_milters
milter_default_action = accept
milter_protocol = 2
---------------------------------------------------------------------------------------------------
master.cf:-

#
# Postfix master process configuration file. For details on the format
# of the file, see the Postfix master(5) manual page.
#
# ***** Unused items removed *****
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
smtp inet n - n - - smtpd
# -o content_filter=smtp-amavis:127.0.0.1:10024
# -o receive_override_options=no_address_mappings
#
## Enable SMTP on port 587 only for authenticated/TLS clients
submission inet n - n - - smtpd
-o smtpd_enforce_tls=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
#
## Enable SMTP on port 465 only for authenticated/SSL clients
smtps inet n - n - - smtpd
-o smtpd_tls_wrappermode=yes
-o smtpd_sasl_auth_enable=yes
-o smtpd_client_restrictions=permit_sasl_authenticated,reject
#
pickup fifo n - n 60 1 pickup
-o content_filter=
-o receive_override_options=no_header_body_checks
cleanup unix n - n - 0 cleanup
qmgr fifo n - n 300 1 qmgr
#qmgr fifo n - n 300 1 oqmgr
tlsmgr unix - - n 1000? 1 tlsmgr
rewrite unix - - n - - trivial-rewrite
bounce unix - - n - 0 bounce
defer unix - - n - 0 bounce
trace unix - - n - 0 bounce
verify unix - - n - 1 verify
flush unix n - n 1000? 0 flush
proxymap unix - - n - - proxymap
smtp unix - - n - - smtp
# When relaying mail as backup MX, disable fallback_relay to avoid MX loops
relay unix - - n - - smtp
-o fallback_relay=
# -o smtp_helo_timeout=5 -o smtp_connect_timeout=5
showq unix n - n - - showq
error unix - - n - - error
discard unix - - n - - discard
local unix - n n - - local
virtual unix - n n - - virtual
lmtp unix - - n - - lmtp
anvil unix - - n - 1 anvil
scache unix - - n - 1 scache
#
# ====================================================================
# Interfaces to non-Postfix software. Be sure to examine the manual
# pages of the non-Postfix software to find out what options it wants.
# ====================================================================
maildrop unix - n n - - pipe
flags=DRhu user=vmail argv=/usr/local/bin/maildrop -d ${recipient}
uucp unix - n n - - pipe
flags=Fqhu user=uucp argv=uux -r -n -z -a$sender - $nexthop!rmail ($recipient)
ifmail unix - n n - - pipe
"/etc/postfix/master.cf" 99L, 4775C

#
# spam/virus section
#
smtp-amavis unix - - y - 2 smtp
-o smtp_data_done_timeout=1200
-o disable_dns_lookups=yes
-o smtp_send_xforward_command=yes
127.0.0.1:10025 inet n - y - - smtpd
-o content_filter=
-o smtpd_helo_restrictions=
-o smtpd_sender_restrictions=
-o smtpd_recipient_restrictions=permit_mynetworks,reject
-o mynetworks=127.0.0.0/8
-o smtpd_error_sleep_time=0
-o smtpd_soft_error_limit=1001
-o smtpd_hard_error_limit=1000
-o receive_override_options=no_header_body_checks
-o smtpd_bind_address=127.0.0.1
-o smtpd_helo_required=no
-o smtpd_client_restrictions=
-o smtpd_restriction_classes=
-o disable_vrfy_command=no
-o strict_rfc821_envelopes=yes
#
# Dovecot LDA
dovecot unix - n n - - pipe
flags=DRhu user=vmail:mail argv=/usr/libexec/dovecot/deliver -d ${recipient}
#
# Vacation mail
vacation unix - n n - - pipe
flags=Rq user=vacation argv=/usr/local/cwp/php71/bin/php -q /var/spool/vacation/vacation.php ${sender} ${recipient}
# SPF check
spfpolicy unix - n n - - spawn
user=nobody argv=/usr/bin/python /usr/libexec/postfix/policyd-spf



Can anyone suggest me where can be the problem. I am running two domains on this server.

Thanks & Regards,
Sandeep K

I'm sorry that I don't have the time to prowl through that configuration-file to find the problem for you, but the essence of the problem is that Postfix does not recognize the user or alias-name on the e-mail as being a valid one for this system. Most likely it is not doing the lookups that you intended, and/or it is referring to sources that are not set up correctly.

Refer line-by-line to the Postfix documentation for the "alias" and "virtual alias" settings. Be sure that you understand each of them, and that they are correct. Then, as necessary, look in the map-files and other map-sources that you have specified.

All of these configuration controls are designed to address the "mail from god@heaven.org problem." Mail won't be handled if its addresses appear to be bogus.

Thanks, For your time Sir:)


I didn't mention any ids to "alias" and "virtual alias" and Now it is not giving error, but mails are missing. It is going to receipent side, but after the reply from their side I can't found in my inbox or any other folder also.

when I gave telnet test, It shown below output:-

telnet localhost 25
Trying ::1...
telnet: connect to address ::1: Connection refused
Trying 127.0.0.1...
Connected to localhost.
Escape character is '^]'.
220 mail.domain.com ESMTP Postfix
ehlo localhost
250-mail.domain.com
250-PIPELINING
250-SIZE 204800000
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
quit
221 2.0.0 Bye
Connection closed by foreign host.

---------------------------------------------
domain1 mx records:-


[sandeep@mail ~]# dig mx domain1.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> mx domain1.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 44663
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;domain1.com. IN MX

;; ANSWER SECTION:
domain1.com. 3599 IN MX 0 mail.domain1.com.

;; Query time: 111 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Sep 22 13:57:25 2017
;; MSG SIZE rcvd: 56
-------------------------------------------------
my mx records:-


[sandeep@mail ~]# dig mx domain2.com

; <<>> DiG 9.8.2rc1-RedHat-9.8.2-0.47.rc1.el6_8.4 <<>> mx domain2.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17656
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;domain2.com. IN MX

;; ANSWER SECTION:
domain2.com. 3599 IN MX 0 mail.domain2.com.
domain2.com. 3599 IN MX 0 mail.domain1.com.

;; Query time: 347 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Fri Sep 22 13:58:10 2017
;; MSG SIZE rcvd: 89


suggest me where can be the problem.
regards:-
sandeep

Does the "connection refused" part not raise any concerns with you?
Please re-read post #2 more carefully.

Thanks for your reply Sir:

It's first trying to connect IPV6.But am using ipv4.I thought its not a problem ...

I already tried by stopping selinux and firewall still it is coming like that sir..

Can you pls help to troubleshoot this..

service iptables stop
iptables: Setting chains to policy ACCEPT: mangle nat filte[ OK ]
iptables: Flushing firewall rules: [ OK ]
iptables: Unloading modules: [ OK ]
[sandeep@mail ~]# telnet localhost 25
Trying ::1...
telnet: connect to address ::1: Connection refused
-----------------------------------------------------------

setenforce 0
setenforce: SELinux is disabled

Read the LQ Rules about text speak and about not using it...it's "PLEASE" not "pls". And you were given advice in post #2, which you apparently didn't read or understand. Go back and carefully re-read it. Ignoring what's there and moving on (for some reason) to iptables and IPv6 isn't going to address the issues.

Sir,

In the 2nd post I talked about the virtual alias, but the job of the virtual alias :-
To redirect mail from one address to one or more addresses.
To implement virtual alias domains where all addresses are aliased to addresses in other domains.

suppose we have two domains sandeep.com and domain2.com. if domain2.com sends a mail to sandeep.com mail receiving with no issues. if sandeep.com sends mail to domain2.com is also fine reached to their end .but the problem is if sandeep.com send mail to domain2.com they are trying reply to that mail in that time it is not receiving without showing any error.