Email domain alias does not working

Hello,

I have domain domain.tld but when I create alias of it on domainxy.tld I can't login with emails nor deliver emails on it.

I can login and work with [email protected] but cant login or deliver with [email protected] .. any idea where is issue? Both MX are directing on server.

After sending an email to alias domain I have this error as response

554 5.7.1 <email@domainxy.tld>: Relay access denied

 

you can't login with it because it's an alias, not a mailbox. it has no login credentials of it's own.

also, just to be clear, you created a mail domainalias, not a website domainalias? (i know, it's a stupid question to be asking, but people do make this mistake)

what do the mail logs show for any mail sent to [email protected]?

 

Yes is it mailbox domain alias, checked it for sure )

Log looks like this

Code:

postfix/smtpd[31223]: NOQUEUE: reject: RCPT from mail-ej1-x62f.google.com[2a00:1450:4864:20::62f]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<mail-ej1-x62f.google.com>

 

ok. you don't say what version of ispconfig you're using, is it 3.2 or 3.2.1?

if so, you might find this thread useful:
Upgrade to 3.2.1: Email Domain Aliases not working | Howtoforge - Linux Howtos and Tutorials

 

I have the latest ISPConfig thought it might be bug so updated it.

 

No I cam configuring it with ansible. Here is main.cf

Code:

# See /usr/share/postfix/main.cf.dist for a commented, more complete version


# Debian specific:  Specifying a file name will cause the first
# line of that file to be used as the name.  The Debian default
# is /etc/mailname.
#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

# appending .domain is the MUA's job.
append_dot_mydomain = no

# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h

readme_directory = no

# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2



# TLS parameters
smtpd_tls_cert_file = /etc/ssl/ansible/cert.pem
smtpd_tls_key_file = /etc/ssl/ansible/key.pem
smtpd_use_tls = yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
myhostname = server.host.tld
alias_maps =
alias_database = hash:/etc/aliases, hash:/var/lib/mailman/data/aliases
myorigin = /etc/mailname
mydestination = server.host.tld
relayhost =
mynetworks = 127.0.0.0/8 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = ipv4, ipv6
dovecot_destination_recipient_limit = 1
virtual_transport = dovecot
smtpd_sasl_type = dovecot
smtpd_sasl_path = private/auth
content_filter = amavis:[127.0.0.1]:10024
receive_override_options = no_address_mappings
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql-virtual_forwardings.cf, proxy:mysql:/etc/postfix/mysql-virtual_email2email.cf
message_size_limit = 52428800
smtp_tls_exclude_ciphers = RC4, aNULL
smtpd_tls_exclude_ciphers = RC4, aNULL
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3
smtpd_tls_protocols = !SSLv2,!SSLv3
smtp_tls_protocols = !SSLv2,!SSLv3
smtp_tls_security_level = may
owner_request_special = no
body_checks = regexp:/etc/postfix/body_checks
nested_header_checks = regexp:/etc/postfix/nested_header_checks
mime_header_checks = regexp:/etc/postfix/mime_header_checks
header_checks = regexp:/etc/postfix/header_checks
maildrop_destination_recipient_limit = 1
maildrop_destination_concurrency_limit = 1
smtpd_client_message_rate_limit = 100
smtpd_client_restrictions = check_client_access mysql:/etc/postfix/mysql-virtual_client.cf
smtpd_sender_restrictions = check_sender_access regexp:/etc/postfix/tag_as_originating.re , permit_mynetworks, permit_sasl_authenticated, check_sender_access mysql:/etc/postfix/mysql-virtual_sender.cf, check_sender_access regexp:/etc/postfix/tag_as_foreign.re
smtpd_helo_restrictions = permit_sasl_authenticated, permit_mynetworks, check_helo_access regexp:/etc/postfix/helo_access, reject_invalid_hostname, reject_non_fqdn_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname, check_helo_access regexp:/etc/postfix/blacklist_helo
smtpd_helo_required = yes
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $sender_bcc_maps $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $smtpd_sender_login_maps
smtpd_sender_login_maps = proxy:mysql:/etc/postfix/mysql-virtual_sender_login_maps.cf
relay_recipient_maps = mysql:/etc/postfix/mysql-virtual_relayrecipientmaps.cf
relay_domains = mysql:/etc/postfix/mysql-virtual_relaydomains.cf
transport_maps = hash:/var/lib/mailman/data/transport-mailman, proxy:mysql:/etc/postfix/mysql-virtual_transports.cf
smtpd_tls_security_level = may
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_rbl_client zen.spamhaus.org, check_recipient_access mysql:/etc/postfix/mysql-virtual_recipient.cf, check_recipient_access mysql:/etc/postfix/mysql-virtual_policy_greylist.cf
greylisting = check_policy_service inet:127.0.0.1:10023
smtpd_restriction_classes = greylisting
smtpd_sasl_authenticated_header = yes
broken_sasl_auth_clients = no
smtpd_sasl_auth_enable = yes
sender_bcc_maps = proxy:mysql:/etc/postfix/mysql-virtual_outgoing_bcc.cf
virtual_gid_maps = mysql:/etc/postfix/mysql-virtual_gids.cf
virtual_uid_maps = mysql:/etc/postfix/mysql-virtual_uids.cf
virtual_mailbox_base = /var/vmail
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql-virtual_mailboxes.cf
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql-virtual_domains.cf
virtual_alias_domains =
smtpd_tls_CAfile = /etc/ssl/ansible/ca.pem
smtpd_reject_unlisted_sender = yes
smtpd_etrn_restrictions = permit_mynetworks, reject
smtpd_data_restrictions = permit_mynetworks, reject_unauth_pipelining, reject_multi_recipient_bounce, permit
smtpd_tls_mandatory_ciphers = medium
tls_medium_cipherlist = ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA256:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA
tls_preempt_cipherlist = yes
address_verify_negative_refresh_time = 60s
enable_original_recipient = no
smtpd_forbidden_commands = CONNECT,GET,POST,USER,PASS
address_verify_sender_ttl = 15686s
smtp_dns_support_level = dnssec

 

Sadly I cant upgrade.

Code:

There are no updates available for ISPConfig 3.2.1
If you are sure you want to update to stable anyway, please use --force parameter
DOWNGRADING MAY CAUSE ISSUES!

 

I am using my own config which is installed via ansible. I just need to know which configuration is handling email domain aliases in ISPConfig so I can properly setup them or change postfix/dovecot configuration .....

 

so I reconfigured service. Email is now not denying, but when I send email on alias domain, it does not appear in original [email protected] should not work it that way?

 

It is working now, SSL bug on my side. Thanks for help.