When configuring Postfix to forward emails from local users like root to external addresses, you might encounter a situation where aliases defined in /etc/aliases seem to be ignored. The key indicators are:
status=bounced (host internal.my.domain[XXX.182.189.136] said:
550 5.1.1 : Recipient address rejected:
User unknown in virtual mailbox table)
First, verify these critical configuration elements in your main.cf:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
mydestination = $myhostname, localhost.$mydomain, localhost
The most common reason for aliases being ignored is that alias_maps isn't properly set. While you have:
alias_database = hash:/etc/aliases
You also need:
alias_maps = hash:/etc/aliases
- Edit your
/etc/postfix/main.cf:
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
mydestination = $myhostname, localhost.$mydomain, localhost
- Edit your
/etc/aliases:
# Basic system accounts
root: hostmaster@my.domain
munin: root
- Run these commands:
sudo newaliases
sudo postfix reload
To verify your setup is working:
echo "Test email" | mail -s "Test Subject" root
Check your mail logs:
tail -f /var/log/mail.log
If you're still having issues:
- Check Postfix's virtual alias maps
- Verify DNS resolution for your domain
- Ensure your mail server can actually send to the destination
postconf -n | grep alias
postconf -n | grep mydestination
When configuring a Postfix MTA with Munin monitoring, many admins encounter a puzzling issue where email aliases defined in /etc/aliases fail to work as expected. The specific case shows:
# /etc/aliases
root: hostmaster@my.domain
Yet the mail logs reveal alias expansion isn't occurring:
Dec 22 16:45:20 postfix/smtp[22099]: 5CFBA2011E0: to=<root@my.domain>,
orig_to=<root>, relay=internal.my.domain[XXX.182.189.136]:25,
status=bounced (550 5.1.1 User unknown)
The critical Postfix settings involved:
# main.cf
alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
mydomain = my.domain
Three common reasons cause this behavior:
- Missing alias_maps directive: While alias_database exists, Postfix actually uses alias_maps for lookups
- Incomplete hash generation: Running
newaliasesmay not always update all required files - Local delivery misconfiguration: The MTA might be treating root@ as a virtual address
First, verify and correct the configuration:
# Ensure both parameters exist in main.cf
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
# For virtual alias testing, add:
recipient_canonical_maps = hash:/etc/postfix/recipient_canonical
Then implement this diagnostic script to test alias resolution:
#!/bin/bash
# Test alias expansion
echo "Testing direct alias lookup:"
postmap -q root hash:/etc/aliases
echo -e "\nTesting delivery path:"
sendmail -v root <<EOF
Subject: Alias Test
Test message for alias verification
EOF
If standard aliases still fail, consider these approaches:
Virtual alias mapping:
# /etc/postfix/virtual
root@my.domain hostmaster@my.domain
Recipient canonical mapping:
# /etc/postfix/recipient_canonical
root hostmaster@my.domain
Remember to compile maps after changes:
postmap /etc/postfix/virtual
postmap /etc/postfix/recipient_canonical
systemctl reload postfix
Use these Postfix commands to verify configuration:
postconf alias_maps
postconf alias_database
postmap -q root hash:/etc/aliases
Check the mail queue processing path:
postqueue -p
postsuper -v ALL