Weird behavior with postfix and dovecot-lmtp

Hi all,

I’ve posed this question to the dovecot mailing list as well, but I’m asking here also because I think this more likely something that I’ve missed or misconfigured in postfix than dovecot.

Sending mail from a local address to gmail, I’d expect it to be forwarded through the configured relay host (the IMAP server doesn’t have direct internet accesss, only the relay box.):

I’ve got postfix setup to use dovecot-lmtp for (virtual) user delivery, and things to users or aliases that Dovecot knows about now get delivered correctly. However, I’ve done something wrong with postfix and/or the LMTP configuration because upon RCPT TO, instead of forwarding the mail off to the configured smartest, somehow dovecot-lmtp is ending up in the mix. (Perhaps this is more a postfix question than a dovecot one, but, I’ll start here.)

Relevant postfix config:

[root@81716ec5-bca4-6d53-ed81-bd1a55d46b4f /opt/local/etc/postfix]# postconf -n
canonical_maps = hash:/opt/local/etc/postfix/canonical
command_directory = /opt/local/sbin
compatibility_level = 2
daemon_directory = /opt/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
default_database_type = hash
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
inet_protocols = all
mail_owner = postfix
mailbox_size_limit = 102400000
mailq_path = /opt/local/bin/mailq
manpage_directory = /opt/local/man
message_size_limit = 51200000
meta_directory = /opt/local/libexec/postfix
mynetworks = $myhostname,,,
newaliases_path = /opt/local/bin/newaliases
owner_request_special = no
queue_directory = /var/spool/postfix
queue_minfree = 76800000
readme_directory = /opt/local/share/doc/postfix
recipient_canonical_maps = hash:/opt/local/etc/postfix/recipient_canonical
recipient_delimiter = +
relayhost =
sample_directory = /opt/local/share/examples/postfix
sender_canonical_maps = hash:/opt/local/etc/postfix/sender_canonical
sendmail_path = /opt/local/sbin/sendmail
setgid_group = maildrop
shlib_directory = /opt/local/lib/postfix
smtpd_banner = $myhostname ESMTP
smtpd_client_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unknown_reverse_client_hostname
smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, permit_sasl_authenticated
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_invalid_helo_hostname, reject_non_fqdn_helo_hostname
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unlisted_recipient, reject_non_fqdn_recipient, reject_unauth_destination, reject_unknown_recipient_domain, check_recipient_access hash:/opt/local/etc/postfix/filtered_domains
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unlisted_sender, reject_non_fqdn_sender, reject_unknown_sender_domain
smtputf8_enable = no
strict_rfc821_envelopes = yes
unknown_local_recipient_reject_code = 550
virtual_alias_maps = pgsql:/opt/local/etc/postfix/
virtual_mailbox_domains = pgsql:/opt/local/etc/postfix/
virtual_transport = lmtp:unix:private/dovecot-lmtp
[root@81716ec5-bca4-6d53-ed81-bd1a55d46b4f /opt/local/etc/postfix]#

In syslog, I see:] 12327F13D:[]
2019-08-11T15:38:40+00:00 81716ec5-bca4-6d53-ed81-bd1a55d46b4f postfix/cleanup[56365]: [ID 197553] 12327F13D: message-id=<>
2019-08-11T15:38:40+00:00 81716ec5-bca4-6d53-ed81-bd1a55d46b4f postfix/qmgr[56018]: [ID 197553] 12327F13D: from=<coy. ... at coyhile dot com>, size=354, nrcpt=1 (queue active)
2019-08-11T15:38:40+00:00 81716ec5-bca4-6d53-ed81-bd1a55d46b4f dovecot: [ID 702911] lmtp(50179): Connect from local
2019-08-11T15:38:40+00:00 81716ec5-bca4-6d53-ed81-bd1a55d46b4f postfix/lmtp[56821]: [ID 197553] 12327F13D: to=< ... at gmail dot com>, relay=81716ec5-bca4-6d53-ed81-bd1a55d46b4f.localdomain[private/dovecot-lmtp], delay=55, delays=55/0.01/0/0.03, dsn=5.1.1, status=bounced (host 81716ec5-bca4-6d53-ed81-bd1a55d46b4f.localdomain[private/dovecot-lmtp] said: 550 5.1.1 < ... at gmail dot com> User doesn't exist: <a href="mailto: ... at gmail dot com"> ... at gmail dot com</a> (in reply to RCPT TO command))

Shouldn’t the mail to be punted off to the relay host, rather than getting lost in the LMTP agent?




Re: Weird behavior with postfix and dovecot-lmtp

By Coy Hile at 08/11/2019 - 22:46

For posterity's sake, this was a misconfiguration in postfix.

Turns out this was an error in that query. I'd missed a term,
so that returned something (which implies "this domain is handled here",
apparently) for *any* domain.

Re: Weird behavior with postfix and dovecot-lmtp

By Viktor Dukhovni at 08/11/2019 - 18:19

What does this do?

This is rarely what you want. A sender address becomes a recipient address
when replying, why shouldn't both have the same canonical form?

This will be used for all "remote" domains unless pre-empted by the
transport table. Where "remote" means not "local" or "virtual

What domains does this match? Post the output of:

$ postmap -q pgsql:/opt/local/etc/postfix/

Not if is a "virtual mailbox domain".