Postings by Doug Hardie

Log Messages

I am running a mail server that has a few local recipients and a bunch of forwarded recipients for one domain. All is working properly. However, there are some log messages that I find confusing. The server receives many messages delivery attempts where the user is not included in the virtual_alias_maps. All but one of them receive log messages like

Recipient address rejected: unverified address

That makes sense. However, one of them receives

Recipient address rejected: User unknown in virtual alias table

I don't see what is different for this particular user.

dnsblog lifetime

I understood from the dnsblog man page that each dnsblog process only lives for a "limited amount of time". I noticed this because I have over 50 dnsblog processes running on a fairly light duty postfix server. Some of them are over a week old. At first I thought they must have been orphaned, but looking through maillog, I find entries in the last few minutes from the oldest and the newest. I didn't check all of them, but it appears they are all in use. Looking at the source for postfix-3.3-20180114 (on web), it appears dnsblog checks one IP address and then exits.

Certificate Replacement

I am needing to replace the certificate and key. Are they read and cached when postfix starts, or are they read during normal mail handling? In other words, can I replace the files or do I need to do a reload or restart of the service afterwards?

-- Doug

Mail Routing Question

I have a domain, say: for which I receive mail. Currently I have A records in DNS for and as well as a MX record for All three of them point to the same IP address which is where postfix is running. There is a political issue with the A record for and it "needs" to be changed to elsewhere. I somehow seem to recall that there are some MTAs that do not use the MX records, but only check the A records. Will changing the A record for cause the loss of some incoming mail?

-- Doug

Chinese Spam

My server is being hit pretty hard by spam from China. Every email is from a different IP address. The only common item is the message id ends in Is there any way to block those with that ID?

-- Doug

Log entries for one email

The following log entries have me confused. An email was received. The mail from address is shown, but I don't see the rcpt to address unless it is the "<>" shown in the one entry. However, I believe that should generate a bounce, but it does not appear to have done so.

Mail Forwarding

I thought I had everything working, but something broke. What I need to do is to accept mail for local delivery for several users on a couple domains ( and one other) and relay mail for a number of users on domain ( to a variety of different locations. Each user could be on a different server. My tests seemed to work, but when adding in the full tables, it broke.

Problems with aliases

I have a situation that is most likely a problem with my understanding of postfix and not a code problem. I am getting ready to take over a domain name for mail service. A number of new addresses in that domain need to be forwarded to other mail servers. I setup postfix to do that and it worked fine. However, there is still some time before I actually take over the domain. In the meantime I was entering some of the addresses and forwarding addresses into the vmail alias file. Each entry was preceded by "# ". My understanding was that lines starting with a # would be ignored.