Postfix configuration - how to change to

I note that in my default configuration, I have a number of Virtual Servers that all host different domains.
in one virtual server, i have 2 users (aaasq) which is the ftp user created when i setup the virtual server?

Now i need to create another email account…this example uses a president, so i have created an email address However,
Virtualmin appears to do the following:

Now I wish to utilize this new email account to link with Domain registry contact, so the email address must be:

How do i fix my above problem?

Have you looked in Webmin - Servers - Postfix Mail Server - Address Rewriting & Masquerading ?

Will that work for both inbound and outbound email for

For example the registry is going to send emails to (not

It’s both inbound & outbound - mine are set up as

Rewrite “user%domain” to “user@domain” = Yes
Rewrite “user” to “user@domain” = Yes
Rewrite “user@host” to “user@host.$mydomain” = No
Rewrite “user!site” to “user@domain” = Yes

Then the 3 boxes below to


My users are set up as user. My outbound go as and inbound emails coming to user@mydomain,com turn up in the users mailboxes.



Yes my Webmin>Servers>Address Rewriting and Masquerading settings the same as yours above.

And emails still go out as ?

Have you tried in Webmin - Servers - Postfix: Reload Configuration, then Stop PostFix & Start Postfix? Issue still persists?

And you’ve sent an email to say a gmail or hotmail account and examined the headers?

On the domain in question - create a new user. Virtualmin (making sure the domain is correct in the dropdown) - Edit Users - Add a User to this server.

Then set president1 as the email address - your domain name should already show on the screen. In Other User permission - just verify it says Email Only.

Then send an email to that user from Hotmail/Gmail - does it arrive? Send Hotmail/Gmail an email from that account & check the headers to see who the envelope-from states. If you haven’t got as far as setting SPF records for the domain - there is a chance that the email to Hotmail\Gmail might end up in Spam\Junk or be rejected. But Hotmail\Gmail should still be able to send an email and you can check correct receipt of that.

I personally don’t have an email or anything else associated with a Virtual Server’s primary account. That isn’t what you are try to do is it?

I am sure that the problem is FTP login when new user is created. Now that I have followed the following forum thread…

I note that Erik says, when configuration is changed so that its, you have to start over (ie delete user and create a new one). So after making the configuration changes, I created a new user secretary. virtualmin now correctly shows this as

Others stated on the thread link I have added above, that they could simply edit the user in webmin>System>Users and Groups. So I will try this for president.aaasq and report back what happens.

Cool - glad you are making progress. Report back on how you get on.


ok so I can easily send emails from my Virtualmin virtual servers, and they are being received at the other end as (eg) or

having said that, for some reason, I am unable to receive emails unless they are sent too (the webserver itself…not the virtualmin>virtual server/domain).

Your message couldn’t be delivered. Despite repeated attempts to deliver your message, querying the Domain Name System (DNS) for the recipient’s domain location information failed.

I am not using the Bind to control dns on the hosting server. I simplly point an A record at the server ipaddress…so dns is controlled externally by registrar.

I note that in Virtualmin docs it says…if one wishes to have multiple domains using emails where there is a chance "joe" could be used for any number of different domains, any email sent to “joe” would get delivered to any user on the entire webhosting server. That makes one figure, ok, I need to setup Postfix Virtual Hosting…however, then i read the following…

Postfix Virtual Hosting
Note: Webmin can be used for virtual hosting most easily with the Virtualmin hosting control panel. It automates all of the following tasks, as well as many others commonly needed in a virtual hosting environment, such as setting up email, name service, and databases

this is all good and well, however, where in the docs does it provide an example of a stock Virtualmin installation, where Postfix and Dovecot are working, for us to compare with? (this is a huge problem)

what i really need is a detailed working example of exactly how to configure a postfix/dovecot mail server in Webmin/Virtualmin that can provide email for multiple domains+SSL with the format (not “”).

Even when we go onto the web looking for other tutorials on setting up postfix, one thing i really struggle with is the inconsistency in naming convention used in Virtualmin…it does not exactly line up with commonly used terms in various tutorials on the internet. So its easy for those on this forum who are way less skilled than me (and whilst i am good with webhosting, email servers certainly aren’t my forte)

I have sent an email to, then checked webmin>postfix mail server>Mail queue…its empty.

Does multiple domains work with mail if I am not using Bind in Virtualmin? (ie Virtualmin>Edit Virtual server> dns domain enabled = unchecked

How does resolve in Virtualmin if “dns domain enabled” is not checked? (i ask this because of dns error above)

Do you have an MX record for the domain?

Yes i do have mxrecords.

Emails are being sent out from this user in webmin, but not received by this user (no inbound) …its almost like dovecot isnt working properly because in Usermin the create mail button isnt working and i occasionally get a pop3 authentication error (i am using IMAP)

Where are the docs for “detailed” postfix/dovecot configuration for virtualmin?

Can i just use docs from elsewhere that are more informative? (Such as the ISPConfig ones at

Open up 2 Chrome tabs (or whatever browser you use). In one - go to “Webmin - System - System Logs” and click on View for file /var/log/mail.log. It should be Yes for Active. If not that’s another issue - but in a default install, it should be Yes.

In the 2nd browser tab - open your Hotmail\Gmai or external mail -send an email to president\secretary email account an email.

Once sent - go to Tab 1 (the mail log) and hit refresh a few times if need to be to see what happens. PostFix should log the incoming email and what it does with it.

I just sent my email address on a domain (virtual server) an email from my Yahoo account and saw the following lines in my log

Oct 15 20:05:06 host1 postfix/smtpd[27776]: connect from[] Oct 15 20:05:07 host1 policyd-spf[27779]: None; identity=helo; client-ip=;;; Oct 15 20:05:07 host1 policyd-spf[27779]: Pass; identity=mailfrom; client-ip=;;; Oct 15 20:05:07 host1 postfix/smtpd[27776]: 7DF9D3CCF9:[] Oct 15 20:05:07 host1 postfix/cleanup[27780]: 7DF9D3CCF9: message-id=<> Oct 15 20:05:07 host1 postfix/qmgr[1635]: 7DF9D3CCF9: from=, size=3557, nrcpt=1 (queue active) Oct 15 20:05:07 host1 postfix/smtpd[27776]: disconnect from[] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7 Oct 15 20:05:08 host1 spamd[27920]: spamd: connection from ::1 [::1]:44456 to port 783, fd 5 Oct 15 20:05:08 host1 spamd[27920]: spamd: setuid to succeeded Oct 15 20:05:08 host1 spamd[27920]: spamd: processing message <> for Oct 15 20:05:08 host1 spamd[27920]: spamd: clean message (1.2/6.0) for in 0.3 seconds, 3699 bytes. Oct 15 20:05:08 host1 spamd[27920]: spamd: result: . 1 - BAYES_50,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,HTML_MESSAGE,MIME_HTML_MOSTLY,RCVD_IN_DNSWL_BLOCKED,RCVD_IN_MSPIKE_H2,SPF_HELO_NONE,SPF_PASS scantime=0.3,size=3699,,uid=1012,required_score=6.0,rhost=::1,raddr=::1,rport=44456,mid=<>,bayes=0.463198,autolearn=no autolearn_force=no Oct 15 20:05:08 host1 postfix/local[27781]: 7DF9D3CCF9: to=, orig_to=, relay=local, delay=2.1, delays=1.3/0.01/0/0.83, dsn=2.0.0, status=sent (delivered to command: /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME) Oct 15 20:05:08 host1 postfix/qmgr[1635]: 7DF9D3CCF9: removed

and the email is in the inbox when I checked the local account.

Obviously hostname, sender & recipient have been generic’d to host1, &

Can you post up your DNS records for the domain in question? There’s nothing top secret in them. :wink:

Ok so i have found at least one error in my dns that i should have picked up on before and at least now i am getting somewhere.

At some point in the past (not sure when it was now), I have either inadvertantly deleted (or simply forgot to add in) the following “A record”… @ serverip address

So at least now, i immediately get the following postmaster error when i attempt to send email to rejected your message to the following email addresses: (
The address you sent your message to wasn’t found at the destination domain. It might be misspelled or it might not exist. Try to fix the problem by doing one or more of the following:

  1. Send the message again, but before you do, delete and retype the address. If your email program automatically suggests an address to use, don’t select it.
  2. Clear the recipient AutoComplete cache in your email program by following the steps in this article: Status code 5.1.1. Then resend the message, but before you do, be sure to delete and retype the address.
  3. Contact the recipient by some other means (by phone, for example) to confirm you’re using the right address. Ask them if they’ve set up an email forwarding rule that could be forwarding your message to an incorrect address. gave this error: Recipient address rejected: User unknown in virtual alias table

So, i believe that if i sort out the Virtual Alias table, things should work. My question now is, i thought that Virtualmin was supposed to do this automatically?

P.S. Also getting the same postmaster error for

Mail doesn’t normally have an A record. Usually, in the cases I’ve seen\experienced, the IP address has an A record with @ and there are CNAME’s for the aliases like www, ftp, mail. Then there is an MX record pointing to the (effectively the CNAME).

Post up what you have for the DNS records please? Generic out the names & set the IP to if you’d prefer?

I’ve got a out of the box install of Virtualmin and adding new VirtualServers (did one in the last 2 weeks) - I’ve not had issues with anything (bar the recent 6.04 + Apache thing about *:80 vs IP:80 but that’s not relevant here).

Nor had issues with the Alias table or anything else of significance. Even “adjusting” Postfix to become more secure can be done from the GUI.

Also DNS changes take time to propogate.

Actual Registrar DNS are as follows… SOA 3600 A 300
mail A 3600
webmail A 300
www CNAME 3600 MX 3600 5 NS 3600 NS 3600 NS 3600 TXT 300 “v=spf1 a mx ip4: ip4: ip6:fe80::5400:1ff:fef1:5674 ?all”

suggested records by virtualmin use an A record for (see below) IN A IN A IN A IN A IN A IN A IN A IN A IN MX 5 IN TXT “v=spf1 a mx ip4: ip4: ip6:fe80::5400:1ff:fef1:5674 ?all”

I am confused that the mail record error popped up, because i have just realised that i had the following mxrecord anyway… MX 3600 5
should this record have resolved without me having to also add an A record?

can you also look over my etc/postfix/

See /usr/share/postfix/ for a commented, more complete version

#Define the domain list as hash file or as list in the config file.
#virtual_alias_domains = hash:/etc/postfix/virtual_domains

Debian specific: Specifying a file name will cause the first

line of that file to be used as the name. The Debian default

is /etc/mailname.

#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

appending .domain is the MUA’s job.

append_dot_mydomain = no

Uncomment the next line to generate “delayed mail” warnings

#delay_warning_time = 4h

readme_directory = no

See – default to 2 on

fresh installs.

compatibility_level = 2

TLS parameters

smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for

information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = $mydomain
mailbox_size_limit = 0
recipient_delimiter = +
inet_protocols = all
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtp_tls_security_level = dane
mynetworks_style = subnet
smtpd_tls_CAfile = /etc/postfix/
smtpd_error_sleep_time = 5s
myhostname =
mydestination = $myhostname, $mydomain, localhost.$mydomain,,, localhost
default_process_limit = 2
mydomain =