Problems with postfix

18 posts / 0 new
Last post
#1 Mon, 02/15/2010 - 18:52

Problems with postfix

I just installed Virtualmin on a fresh Centos 5 and then customized it according to this guide:

I migrated a user over from a cPanel server and it is not getting any e-mail sent to it. Checking my /var/log/maillog file, I can see some entries like this:

Feb 15 19:25:07 duck postfix/smtpd[30203]: connect from unknown[]
Feb 15 19:25:08 duck postfix/smtpd[30203]: NOQUEUE: reject: RCPT from unknown[]: 550 5.1.1 <>: Recipient address rejected: undeliverable address: User unknown in virtual alias table; from=<> to=<> proto=ESMTP helo=<[]>
Feb 15 19:25:08 duck postfix/cleanup[30555]: DC970F0074: message-id=<>
Feb 15 19:25:08 duck postfix/smtpd[30203]: disconnect from unknown[]
Feb 15 19:25:08 duck postfix/qmgr[16479]: DC970F0074: from=<>, size=1128, nrcpt=1 (queue active)
Feb 15 19:25:08 duck postfix/error[30762]: DC970F0074: to=<>, orig_to=<postmaster>, relay=none, delay=0, delays=0/0/0/0, dsn=5.0.0, status=bounced (User unknown in virtual alias table)
Feb 15 19:25:08 duck postfix/bounce[30891]: warning: DC970F0074: undeliverable postmaster notification discarded
Feb 15 19:25:08 duck postfix/qmgr[16479]: DC970F0074: removed
Feb 15 19:26:02 duck postfix/pickup[24410]: E8DC4F0074: uid=0 from=<root>

What could be happening here? I'm assuming a problem with postfix, but I don't know how to debug it. Here is my postfix configuration:

# postconf -n
address_verify_map = btree:/var/spool/postfix/verify
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 2
disable_vrfy_command = yes
home_mailbox = Maildir/
html_directory = no
inet_interfaces = all
mail_owner = postfix
mail_spool_directory = /var/spool/mail
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost,
mynetworks =
myorigin = $mydomain
newaliases_path = /usr/bin/newaliases.postfix
non_smtpd_milters = unix:/var/clamav/clmilter.socket unix:/var/run/spamass.sock
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
recipient_canonical_maps = hash:/etc/postfix/canonical
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sender_bcc_maps = hash:/etc/postfix/bcc
sender_canonical_maps = hash:/etc/postfix/canonical
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
smtp_tls_CAfile = /etc/pki/postfix/root.crt
smtp_tls_cert_file = /etc/pki/postfix/server.pem
smtp_tls_key_file = /etc/pki/postfix/key.pem
smtp_tls_note_starttls_offer = yes
smtp_tls_session_cache_database = btree:/var/spool/postfix/smtp_tls_cache
smtp_use_tls = yes
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_error_sleep_time = 5s
smtpd_hard_error_limit = 20
smtpd_helo_required = yes
smtpd_milters = unix:/var/clamav/clmilter.socket unix:/var/run/spamass.sock
smtpd_recipient_restrictions = permit_mynetworks        permit_sasl_authenticated        reject_unauth_destination        check_recipient_access hash:/etc/postfix/access        reject_unknown_recipient_domain        reject_unknown_sender_domain        reject_unverified_recipient        reject_non_fqdn_recipient        reject_non_fqdn_sender        reject_invalid_hostname        reject_rbl_client        reject_rbl_client        reject_rbl_client        reject_rbl_client        reject_rbl_client        reject_rhsbl_sender        reject_rhsbl_sender        reject_rhsbl_sender        reject_rhsbl_client        reject_rhsbl_client        reject_rhsbl_client        check_policy_service unix:private/spfpolicy
smtpd_sasl_auth_enable = yes
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = hash:/etc/postfix/sender_access
smtpd_soft_error_limit = 10
smtpd_tls_CAfile = /etc/pki/postfix/root.crt
smtpd_tls_cert_file = /etc/pki/postfix/server.pem
smtpd_tls_key_file = /etc/pki/postfix/key.pem
smtpd_tls_loglevel = 1
smtpd_tls_received_header = yes
smtpd_tls_session_cache_database = btree:/var/spool/postfix/smtpd_tls_cache
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
tls_random_source = dev:/dev/urandom
unknown_local_recipient_reject_code = 550
unverified_recipient_reject_code = 550
unverified_sender_reject_code = 550
virtual_alias_maps = hash:/etc/postfix/virtual
Mon, 02/15/2010 - 19:02


Well, I dunno if this is just a goof in masking the address, or the actual problem, but one thing I notice is that it's trying to deliver to this address:

However, the other thing you'd want to look into is to make sure that whatever your hostname is, that there's a corresponding line in /etc/hosts, and on the mydestination line of the /etc/postfix/

Typically, you'd want an FQDN as your hostname (ie, And then, have an entry for that in your hosts and file.

Without that, Postfix could get confused and not realize what server it's running on.


Mon, 02/15/2010 - 19:37 (Reply to #2)

Thanks for your reply. The address there was a goof trying to mask it. Sorry for the confusion.

My /etc/hosts file does contain my hostname with the correct (main) IP address for the server. Also, my mydestination variable in /etc/postfix/ is mydestination = $myhostname, localhost.$mydomain, localhost,, $mydomain

Also, I just noticed some other messages appearing in my /var/log/maillog:

Feb 15 20:31:01 duck postfix/pickup[4577]: 5C844F0078: uid=0 from=<root>
Feb 15 20:31:01 duck postfix/cleanup[4579]: 5C844F0078: message-id=<>
Feb 15 20:31:01 duck postfix/cleanup[4579]: 5C844F0078: milter-reject: END-OF-MESSAGE from localhost[]: 4.7.1 Service unavailable - try again later; from=<> to=<>
Mon, 02/15/2010 - 20:17

I know this may seem a little silly, but is your FQDN first in the /etc/hosts file?

That is, you'd want: hostname

and not: hostname

And when you type "hostname', you are seeing the FQDN?

However, according to the HowtoForge article you have there, they're using the "spamass-milter" package. And I have no idea how that works or what exactly it's doing :-) It appears to be what's rejecting the message you pasted in above though.

I'll offer that, out of the box, Virtualmin does email, spam, and virus processing using Postfix, SpamAssassin, and ClamAV without requiring the use of additional packages or a third party repo... and I'm not sure how spamass-milter fits into the puzzle... but it's possible that it's causing some confusion :-)


Mon, 02/15/2010 - 21:31 (Reply to #4)

Yes, that was definitely preventing it completely. I stopped /etc/init.d/*milter and commented out a couple lines from my postfix conf file and now I got a few e-mails in my inbox, but they are all server messages. I tried sending an e-mail to myself, but it comes back with the message "User unknown in virtual alias table" even though I have a catch-all address enabled through virtualmin.

Edit :: Actually it seems to happen even if I send it to as well. It seems that only the mails originating from the server itself are making it through

Mon, 02/15/2010 - 21:56

Okay, well, that's a step in the right direction.

However, in order to help, I think you're going to end up needing to post your hostname :-) You can always edit the post and mask it out after we figure all this out.

What I'd need to see is the following:

  1. The output of the "hostname" command

  2. The contents of your /etc/hosts file

  3. The full contents of your /etc/postfix/ file

With that, I think we can get a better idea of what's going on.



Mon, 02/15/2010 - 22:27 (Reply to #6)
Mon, 02/15/2010 - 22:28 (Reply to #7)

Weird, my message appears blank for some reason. There must be some sort of error with this thing. I can edit my post, but when I click save, it is still blank.

Tue, 02/16/2010 - 13:09 (Reply to #8)

Ok, posting it again then...

my hostname:

my /etc/hosts:
[code]# Do not remove the following line, or various programs
# that require network functionality will fail. localhost.localdomain localhost duck[/code]

Mon, 02/15/2010 - 22:32 (Reply to #9)
Mon, 02/15/2010 - 22:36 (Reply to #10)

ok it's not liking my /etc/postfix/ file for some reason

Mon, 02/15/2010 - 22:36

It's okay, I'm able to see it if I hit 'Edit'.

And that much looks good, I believe.

I'm kind of struggling with this one... I've seen that error before, but it's always been a hostname related issue.

What if you go into System Settings -> Recheck Config, does that pass without any errors?


Mon, 02/15/2010 - 22:40 (Reply to #12)

The AWstats command /usr/share/awstats/wwwroot/cgi-bin/ was not found on your system

But that has nothing to do with mail... I'll have to see what's going on with awstats and maybe it will be able to continue with more checks

Mon, 02/15/2010 - 22:42 (Reply to #13)

well for the whole thing:

BIND DNS server is installed, and the system is configured to use it. 
Mail server Postfix is installed and configured.
Apache is installed.
Webalizer is installed.
Apache is configured to host SSL websites.
MySQL is installed and running.
ProFTPd is installed.
Logrotate is installed.
SpamAssassin and Procmail are installed and configured for use.
ClamAV is installed and assumed to be running.
The AWstats command /usr/share/awstats/wwwroot/cgi-bin/ was not found on your system.
.. your system is not ready for use by Virtualmin.
Tue, 02/16/2010 - 13:09 (Reply to #14)

OK, no errors in re-check config:

The status of your system is being checked to ensure that all enabled features are available, that the mail server is properly configured, and that quotas are active ..
BIND DNS server is installed, and the system is configured to use it. 
Mail server Postfix is installed and configured.
Apache is installed.
Webalizer is installed.
Apache is configured to host SSL websites.
MySQL is installed and running.
ProFTPd is installed.
Logrotate is installed.
SpamAssassin and Procmail are installed and configured for use.
ClamAV is installed and assumed to be running.
Plugin AWstats reporting is installed OK.
Plugin DAV Login is installed OK.
Plugin Mailman is installed OK.
Plugin Protected web directories is installed OK.
Using network interface eth0 for virtual IPs.
IPv6 addresses are available, using interface eth0.
Default IP address for virtual servers is
Default IP address is set to, which matches the detected external address.
Both user and group quotas are enabled for home and email directories.
All commands needed to create and restore backups are installed.
.. your system is ready for use by Virtualmin
Mon, 02/15/2010 - 23:07

I think I might have it. I changed the line:

smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination


smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated

and I just received a test e-mail...

Mon, 02/15/2010 - 23:18 (Reply to #16)

I think I spoke too soon. I just sent another one and it came back with the same error "User unknown in virtual alias table". At least I'm getting closer.

Tue, 02/16/2010 - 13:05 (Reply to #17)

Hmm I let it run all night and I got about 550 spam messages and not a single one had this message in it. Most of them were blocked by Spamhaus or being a non-existent domain and about 10 got through. I also sent myself an e-mail that went through fine, so it does seem to be working. Thanks for all your help with this. I really appreciate it.

Topic locked