I'm running an older Postfix and Courier mailserver with virtual domains. I recently experienced that local delivery (using webmail) to a not existing mailbox would result in that actual mailbox to be created - like /var/vmail/domain/notexistinguser - containing the email. In my opinion that mail should have bounced to the sender. Email from external system does trigger bounces.
I'm not quite sure if this problem is related to Postfix, Courier or other services running on my server. Therefore I am willing to send any config, logs etc. you might need, to help me solving the matter.
Some additional information
Output postconf -n (hostnames have been replaced for privacy):
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
anvil_rate_time_unit = 43200
append_dot_mydomain = no
biff = no
body_checks = regexp:/etc/postfix/body_checks
bounce_queue_lifetime = 1
broken_sasl_auth_clients = yes
config_directory = /etc/postfix
content_filter = amavis:[127.0.0.1]:10024
header_checks = regexp:/etc/postfix/header_checks
html_directory = /usr/share/doc/postfix/html
inet_interfaces = all
mailbox_command = procmail -a "$EXTENSION"
mailbox_size_limit = 0
maximal_queue_lifetime = 1
message_size_limit = 0
mime_header_checks = regexp:/etc/postfix/mime_header_checks
mydestination = example.com, localhost, localhost.localdomain
myhostname = example.com
mynetworks = 127.0.0.0/8 [::1]/128
myorigin = /etc/mailname
nested_header_checks = regexp:/etc/postfix/nested_header_checks
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
receive_override_options = no_address_mappings
recipient_delimiter = +
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
relayhost =
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_connection_count_limit = 5
smtpd_client_connection_rate_limit = 1000
smtpd_client_message_rate_limit = 1000
smtpd_client_recipient_rate_limit = 1000
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
smtpd_error_sleep_time = 2s
smtpd_hard_error_limit = 20
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, reject_unauth_destination, reject_non_fqdn_sender, check_policy_service inet:127.0.0.1:10023, reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.spamcop.net, reject_rbl_client zen.spamhaus.org
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sender_restrictions = check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf
smtpd_soft_error_limit = 10
smtpd_tls_CAfile = /etc/ssl/local/ca-certs
smtpd_tls_cert_file = /etc/ssl/local/certificate
smtpd_tls_key_file = /etc/ssl/local/key
smtpd_tls_mandatory_protocols = !SSLv2,!SSLv3
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
transport_maps = proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
virtual_alias_domains =
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, mysql:/etc/postfix/mysql-virtual_email2email.cf
virtual_gid_maps = static:5000
virtual_mailbox_base = /var/vmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_transport = maildrop
virtual_uid_maps = static:5000
Sending a mail from commandline gives me the following in the mail log (hostname and domain replaced for privacy):
Jan 26 13:33:01 myhost postfix/smtpd[25786]: 0F29E41134A62: client=localhost[127.0.0.1]
Jan 26 13:33:01 myhost postfix/cleanup[8531]: 0F29E41134A62: message-id=<[email protected]>
Jan 26 13:33:01 myhost postfix/qmgr[26331]: 0F29E41134A62: from=<[email protected]>, size=755, nrcpt=1 (queue active)
Jan 26 13:33:01 myhost amavis[18765]: (18765-09) Passed CLEAN, <[email protected]> -> <[email protected]>, Message-ID: <[email protected]>, mail_id: jgU7IihKWNMv, Hits: 1.044, size: 310, queued_as: 0F29E41134A62, 3470 ms
Jan 26 13:33:01 myhost postfix/smtp[14895]: A808940E253C9: to=<[email protected]>, relay=127.0.0.1[127.0.0.1]:10024, delay=3.5, delays=0.04/0/0/3.5, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=18765-09, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 0F29E41134A62)
Jan 26 13:33:01 myhost postfix/qmgr[26331]: A808940E253C9: removed
Jan 26 13:33:02 myhost postfix/pipe[10437]: 0F29E41134A62: to=<[email protected]>, relay=maildrop, delay=1.3, delays=0.09/0/0/1.2, dsn=2.0.0, status=sent (delivered via maildrop service)
Jan 26 13:33:02 myhost postfix/qmgr[26331]: 0F29E41134A62: removed
Looking in /var/vmail/example.com reveals that the user has been created at the same timestamp. This user DID NOT exist before sending the test email.
drwx------ 5 vmail vmail 61 2015-01-26 13:33 unknown01
One workaround is change configuration of delivery method from (send)mail to SMTP with localhost.
On roundcube, you can change configuration with
On Squirrelmail, use
conf.plscript. EnterServer Settingsthen choose SMTP inSendmail or SMTPoption with configuration server localhost and port 25.This case can be happened because when delivering email postfix was responsible for checking user existence. Maildrop itself can't do user-existence-check for you. Unfortunately this checks was performed when email was delivered with SMTP not
mailcommand. The reason ismailcommand was only invoking in some processes in localhost, so postfix will trust it.The specific option to turn on/off the user-existence-checks is
smtpd_reject_unlisted_recipient. You can read the documentation on official documentation.References: this thread