Due to, ahem, unknown enthusiasm, we probably have a broken postfix config somewhere, without knowing what actually happened (which is a wtf in itself..): all forwarding of e-mail has stopped (no virtual_alias_maps, and even .forward files have ceased to work). postmap seems to indicate that retrieving is not the problem:
postmap -q "[email protected]" proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf
[email protected]
Enabling the general query log, I can even see the (correct) queries coming through looking for a forward destination on the live server. Now, we have several domains, configured with virtual_mailbox_domains & virtual_mailbox_maps(which are working). However, we used to use the virtual_alias_maps to forward mails like [email protected] to [email protected] or even [email protected], which is now broken. Those accounts have always had a 'local' config, but now only arrive at their local maildirs with a ``, and according to the logs, postfix does not even try/know to forward them.
sendmail -bv [email protected] just gives:
<[email protected]>: delivery via virtual: delivers to maildir
postconf -n, all mysql maps indvidually tested & work, the correct sql queries show in our logs:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
append_dot_mydomain = no
biff = no
bounce_queue_lifetime = 1d
broken_sasl_auth_clients = yes
command_time_limit = 100s
config_directory = /etc/postfix
daemon_timeout = 180s
default_process_limit = 200
forward_path = /home/vmail/${domain}/${user}/.forward${recipient_delimiter}${extension},/home/vmail/${domain}/${user}/.forward,${home}/.forward${recipient_delimit
er}${extension},${home}/.forward
helpful_warnings = yes
html_directory = /usr/share/doc/postfix/html
initial_destination_concurrency = 2
ipc_idle = 30s
ipc_timeout = 60s
local_destination_concurrency_limit = 2000
mailbox_command = procmail -a $EXTENSION
mailbox_size_limit = 0
message_size_limit = 33554432
minimal_backoff_time = 60s
mydestination = examplemx.example.com, localhost, localhost.localdomain, m1.example.com, m2.example.com, mainmx.example.com
myhostname = examplemx.example.com
mynetworks = 127.0.0.0/8 192.168.20.0/24 10.20.0.0/16
myorigin = /etc/mailname
propagate_unmatched_extensions = canonical, virtual, alias, forward
queue_run_delay = 180s
readme_directory = /usr/share/doc/postfix
receive_override_options = no_address_mappings
recipient_delimiter = +
smtp_data_done_timeout = 60s
smtp_data_init_timeout = 12s
smtp_data_xfer_timeout = 18s
smtp_helo_timeout = 30s
smtp_mail_timeout = 30s
smtp_quit_timeout = 30s
smtp_rcpt_timeout = 30s
smtp_tls_CAfile = /etc/postfix/cacert.pem
smtp_tls_cert_file = /etc/postfix/examplemx-cert.pem
smtp_tls_key_file = /etc/postfix/examplemx-key.pem
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_error_sleep_time = 0
smtpd_recipient_restrictions = check_recipient_access hash:/etc/postfix/blacklist, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_security_options = noanonymous
smtpd_tls_CAfile = /etc/postfix/cacert.pem
smtpd_tls_cert_file = /etc/postfix/examplemx-cert.pem
smtpd_tls_key_file = /etc/postfix/examplemx-key.pem
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
transport_maps = mysql:/etc/postfix/mysql-virtual_transports.cf
unknown_local_recipient_reject_code = 550
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /home/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_uid_maps = static:5000
One thing of note is the virtual_alias_domains is empty (these are already in virtual_mailbox_domains, and as far as out lousy backups tell us... that's always been the case).
Trying to fix this I created a flat /etc/postfix/virtual file & used postmap, which showed the same symptoms (no error, but no forward), and then I even tried to use those good ol' .forward files in the maildirs, but even those don't seem to work. What are further usual suspects if all forwarding is non-existent, or does anything stand out in the given postconf?
Pff, found it, we're using
amavisandclamavto scan mails, and due to errors inclamav,amavishad problems delivering, fixing those errors in there, restartingclamav-daemon&amavis, and everything worked again. Moral of the story: make sure what kind of transport is used to deliver the mails to maildirs.