Your DNS records don’t look correct.

Create a single A record for the base domain - i.e. domain.com.au
Create the subdomains as CNAME’s - www & mail.

MX record - the control panels I’ve used just want a hostname, a value & a TTL. So that would be mail.domain.com.au 10 3600 (or whatevr you want to set).

https://www.copernica.com/en/blog/post/a-record-and-mx-record-how-does-it-work

I would suggest you look a little closely at the Control Panel you are using a& see if there is any documentation on formats required. I’ve been caught out recently where the provider wanted it a totally different way to others I’d used.

Your main.cf looks ok. My smtp_recipient_restrictions are a little different but that’s to be expected. The only real difference is mine has

myorigin = /etc/mailname

and yours has myorigin = $mydomain but that may well be down to your OS is Debian and mine is Ubuntu. Out of the box (Virtualmin) you shouldn’t be having these issues. My money is on your DNS records not being correct\propogated.

EDIT: Also mine is inet_protocols = ipv4 as I’me not using IP6. But that’s neither here nor there.

interestingly enough, when i perform an mxtoolbox test on the mxrecord i get the following results…

Connecting to 1.1.1.1

220 host.domain.com.au ESMTP Postfix (Debian/GNU) [2562 ms]
EHLO keeper-us-east-1b.mxtoolbox.com
250-server1.domain.com.au
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8 [844 ms]
MAIL FROM:supertool@mxtoolbox.com
250 2.1.0 Ok [844 ms]
RCPT TO:test@mxtoolboxsmtpdiag.com

SendSMTPCommand: You hung up on us after we connected. Please whitelist us. (connection lost)

LookupServer 5453ms
We were able to connect to your email server on port 25. Your server either disconnected before we sent our final QUIT command or did not respond to one of our other diagnostic commands within 15 seconds.

Additional Information
This may be due to a network problem, or could be an anti-spam feature of your email system. On it’s own this warning does not point to any specific problem, but can be helpful in diagnosis when combined with other errors.

Hmmm, i wonder…this wouldnt be fail2ban causing this would it???

I prefer to use https://www.wormly.com/test-smtp-server it gives easier to follow results.

Edit: I did try the mxtoolbox one on mine & got a relay denied message. LOL As expected in my case.

I am still getting that same error

SMTP Error: The following recipients failed: user@domain.com.au: : Recipient address rejected: User unknown in virtual alias table

I am sure that i need to fix the Virtual Alias table issue, however, I am not sure how to do this. When i check the Webmin Docs, its says that Virtualmin is supposed to automatically sort the Virtual Alias functionality. How to fix?

What’s the full text of the response?

Edit - use https://dnschecker.org/mx-record-validation.php and see what the response is?

This is the one from mxtoolbox
Connecting to 104.156.233.188

220 host.domain.com.au ESMTP Postfix (Debian/GNU) [797 ms]
EHLO keeper-us-east-1c.mxtoolbox.com
250-host.domain.com.au
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8 [828 ms]
MAIL FROM:supertool@mxtoolbox.com
250 2.1.0 Ok [828 ms]
RCPT TO:test@mxtoolboxsmtpdiag.com

SendSMTPCommand: You hung up on us after we connected. Please whitelist us. (connection lost)

LookupServer 3891ms

and this is the reply from Test Your STMP Mail server website you gave me

Resolving hostname…
Connecting…
Connection: opening to domain.com:25, timeout=300, options=array (
)
Connection: opened
SERVER -> CLIENT: 220 host.domain.com.com.au ESMTP Postfix (Debian/GNU)
CLIENT -> SERVER: EHLO tools.wormly.com
SERVER -> CLIENT: 250-host.domain.com.au
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
CLIENT -> SERVER: STARTTLS
SERVER -> CLIENT: 220 2.0.0 Ready to start TLS
CLIENT -> SERVER: EHLO tools.wormly.com
SERVER -> CLIENT: 250-host.domain.com.au
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
CLIENT -> SERVER: MAIL FROM:
SERVER -> CLIENT: 250 2.1.0 Ok
CLIENT -> SERVER: RCPT TO:
SERVER -> CLIENT: 550 5.1.1 : Recipient address rejected: User unknown in virtual alias table
SMTP ERROR: RCPT TO command failed: 550 5.1.1 : Recipient address rejected: User unknown in virtual alias table
CLIENT -> SERVER: QUIT
SERVER -> CLIENT: 421 4.7.0 host.domain.com.au Error: too many errors
SMTP ERROR: QUIT command failed: 421 4.7.0 host.domain.com.au Error: too many errors
Connection: closed
2019-10-15 21:37:40 SMTP Error: The following recipients failed: aaasq@domain.com: : Recipient address rejected: User unknown in virtual alias table
Message sending failed.

EDIT…
I also tried with fail2ban and spam assassin shutdown…no difference

Do you get the same when you send to president\secretary @ domain.com.au ?

Also what does you /var/log/mail.log say when you look at it in “Webmin - System - System Logs” for the time you sent the email?

yes…User unknown in Virtual Alias Table.

Before yesterday, i wasnt using user@domain.com in Virtualmin. trouble was, for some reason the new email account i created for the virtualserver/domain in question refused to work.
It was only accepting emails for the new user on the virtual server in the following format

president.aaasq@host.fqdn.com

Obviously that is useless, i wanted president@domain.com

Ever since i made the change, now the entire server email isnt working…in addition to my original problem of course.

Also i note the following when i check Dovecot status…

dovecot.service - Dovecot IMAP/POP3 email server
Loaded: loaded (/lib/systemd/system/dovecot.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Tue 2019-10-15 13:55:51 AEDT; 19h ago
Docs: man:dovecot(1)
http://wiki2.dovecot.org/
Process: 9251 ExecStop=/usr/bin/doveadm stop (code=exited, status=75)
Main PID: 612 (code=exited, status=0/SUCCESS)

Warning: Journal has been rotated since unit was started. Log output is incomplete or unavailable.

system log (where “server1” is the host)

Oct 16 09:03:01 server1 postfix/smtpd[27468]: connect from unknown[46.38.144.57]
Oct 16 09:03:02 server1 postfix/smtpd[7632]: warning: unknown[46.38.144.202]: SASL LOGIN authentication failed: authentication failure
Oct 16 09:03:02 server1 postfix/smtpd[7632]: too many errors after AUTH from unknown[46.38.144.202]
Oct 16 09:03:02 server1 postfix/smtpd[7632]: disconnect from unknown[46.38.144.202] ehlo=1 auth=0/1 rset=1 commands=2/3
Oct 16 09:03:04 server1 named[546]: network unreachable resolving ‘pri.authdns.ripe.net/A/IN’: 2001:67c:e0::7#53
Oct 16 09:03:04 server1 named[546]: network unreachable resolving ‘pri.authdns.ripe.net/AAAA/IN’: 2001:67c:e0::7#53
Oct 16 09:03:04 server1 named[546]: network unreachable resolving ‘ari.alpha.aridns.net.au/AAAA/IN’: 2001:dcd:1::2#53
Oct 16 09:03:04 server1 named[546]: network unreachable resolving ‘ari.alpha.aridns.net.au/AAAA/IN’: 2001:dcd:4::2#53
Oct 16 09:03:04 server1 named[546]: network unreachable resolving ‘udns1.ultradns.net/AAAA/IN’: 2610:a1:1016::e8#53
Oct 16 09:03:04 server1 named[546]: network unreachable resolving ‘udns1.ultradns.net/AAAA/IN’: 2610:a1:1014::e8#53

I’ve just looked back to your 1st post & perhaps I should read more carefully:

I note that in my default configuration, I have a number of Virtual Servers that all host different domains. in one virtual server, i have 2 users (aaasq) which is the ftp user created when i setup the virtual server?

Now i need to create another email account…this example uses a president, so i have created an email address president@domain.com. However, Virtualmin appears to do the following:

president.aasq@hostname.fqdn.com

Now I wish to utilize this new email account to link with Domain registry contact, so the email address must be:

president@domain.com

How do i fix my above problem?

You appear to have created an FTP user (I take that to be FTP only) otherwise I would have expected something in your post to say it’s an “FTP, Email, etc” type user. Which is why earlier on, I was saying that you should create a totally new user in Virtualmin as in Post #7.

But in your last post - you are trying to send emails to aasq, which according to your 1st email is an FTP (I assume only FTP) user. I was expecting that you had created a new user as in post #7 and were trying to send to\from that.

In which case - you aren’t going to receive emails sent to it and the server is responding correcting with a 550 message.

EDIT: Or is my understanding wrong? Which is OK.

https://drive.google.com/file/d/1ZpJi8wTs5wfFQT3NnPV3CIM9QLMZbNMH/view?usp=sharing

From the Terminal type (might need elevated privileges)

systemctl status systemd-journald

what do you get? The same warning? If so check the contents of /var/crash/ - is there files in there?

Appreciate the picture - says a million words.

I would say ignore aaasq for the moment & focus on one of the other 2. According to Post #10 - when you send as one of those 2 - they receive correctly. Try the wormly tool again and send a test message to one of those 2. Post up the dialog & the lines from the /var/log/mail.log relevant to the time sent. 2 browser windows might be useful - one for each - when you use the wormly tool.

also, I missed this…here is the answer to comment #31

systemctl status systemd-journald
● systemd-journald.service - Journal Service
Loaded: loaded (/lib/systemd/system/systemd-journald.service; static; vendor preset: enabled)
Active: active (running) since Thu 2019-09-26 14:54:05 AEST; 2 weeks 5 days ago
Docs: man:systemd-journald.service(8)
man:journald.conf(5)
Main PID: 186 (systemd-journal)
Status: “Processing requests…”
Tasks: 1 (limit: 4915)
CGroup: /system.slice/systemd-journald.service
└─186 /lib/systemd/systemd-journald

I will go and do the email test for comment #35 and report back

Wormly smtp test (to server ip address)

Connecting…
Connection: opening to 104.156.233.188:25, timeout=300, options=array (
)
Connection: opened
SERVER -> CLIENT: 220 host.fqdn.com.au ESMTP Postfix (Debian/GNU)
CLIENT -> SERVER: EHLO tools.wormly.com
SERVER -> CLIENT: 250-host.fqdn.com.au
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
CLIENT -> SERVER: STARTTLS
SERVER -> CLIENT: 220 2.0.0 Ready to start TLS
CLIENT -> SERVER: EHLO tools.wormly.com
SERVER -> CLIENT: 250-host.fqdn.com.au
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-AUTH PLAIN LOGIN
250-AUTH=PLAIN LOGIN
250-ENHANCEDSTATUSCODES
250-8BITMIME
250-DSN
250 SMTPUTF8
CLIENT -> SERVER: MAIL FROM:
SERVER -> CLIENT: 250 2.1.0 Ok
CLIENT -> SERVER: RCPT TO:
SERVER -> CLIENT: 550 5.1.1 : Recipient address rejected: User unknown in virtual alias table
SMTP ERROR: RCPT TO command failed: 550 5.1.1 : Recipient address rejected: User unknown in virtual alias table
CLIENT -> SERVER: QUIT
SERVER -> CLIENT: 421 4.7.0 host.fqdn.com.au Error: too many errors
SMTP ERROR: QUIT command failed: 421 4.7.0 host.fqdn.com.au Error: too many errors
Connection: closed
2019-10-15 22:33:43 SMTP Error: The following recipients failed: president@domain.com.au: : Recipient address rejected: User unknown in virtual alias table
Message sending failed.

system log at 9.34am when email was sent via wornly
Oct 16 09:34:05 server1 postfix/smtpd[22674]: warning: unknown[185.36.81.242]: SASL LOGIN authentication failed: authentication failure
Oct 16 09:34:05 server1 postfix/smtpd[22674]: too many errors after AUTH from unknown[185.36.81.242]
Oct 16 09:34:05 server1 postfix/smtpd[22674]: disconnect from unknown[185.36.81.242] ehlo=1 auth=0/1 commands=1/2
Oct 16 09:34:10 server1 postfix/smtpd[19110]: warning: unknown[46.38.144.57]: SASL LOGIN authentication failed: authentication failure
Oct 16 09:34:10 server1 postfix/smtpd[19110]: too many errors after AUTH from unknown[46.38.144.57]
Oct 16 09:34:10 server1 postfix/smtpd[19110]: disconnect from unknown[46.38.144.57] ehlo=1 auth=0/1 rset=1 commands=2/3
Oct 16 09:34:10 server1 postfix/smtpd[19623]: warning: unknown[46.38.144.179]: SASL LOGIN authentication failed: authentication failure
Oct 16 09:34:10 server1 postfix/smtpd[19623]: too many errors after AUTH from unknown[46.38.144.179]
Oct 16 09:34:10 server1 postfix/smtpd[19623]: disconnect from unknown[46.38.144.179] ehlo=1 auth=0/1 rset=1 commands=2/3
Oct 16 09:34:15 server1 postfix/smtpd[22594]: connect from unknown[46.38.144.17]
Oct 16 09:34:16 server1 named[546]: network unreachable resolving ‘s.lz6.zl.sampa.br/A/IN’: 2001:12f8:6::10#53
Oct 16 09:34:16 server1 postfix/smtpd[22674]: warning: hostname s.lz6.zl.sampa.br does not resolve to address 185.36.81.245: Name or service not known
Oct 16 09:34:16 server1 postfix/smtpd[22674]: connect from unknown[185.36.81.245]
Oct 16 09:34:19 server1 named[546]: network unreachable resolving ‘0.pool.ntp.org/A/IN’: 2a01:4f8:121:43cd::3:1#53
Oct 16 09:34:19 server1 named[546]: network unreachable resolving ‘0.pool.ntp.org/A/IN’: 2400:6180:0:d1::695:5001#53
Oct 16 09:34:20 server1 postfix/smtpd[22674]: warning: unknown[185.36.81.245]: SASL LOGIN authentication failed: authentication failure
Oct 16 09:34:20 server1 postfix/smtpd[22674]: too many errors after AUTH from unknown[185.36.81.245]
Oct 16 09:34:20 server1 postfix/smtpd[22674]: disconnect from unknown[185.36.81.245] ehlo=1 auth=0/1 commands=1/2
Oct 16 09:34:20 server1 postfix/smtpd[22674]: warning: hostname ip-38-37.ZervDNS does not resolve to address 92.118.38.37: Name or service not known
Oct 16 09:34:20 server1 postfix/smtpd[22674]: connect from unknown[92.118.38.37]

Last time you posted /var/log/system/syslog or something similar. Post up the relevant entries from /var/log/mail.log ?

EDIT: and when you did the wormly test smtp thing - which email address were you sending to? President or secretary? IGNORE this question - It’s on the wormly dialog.

/var/log/mail.log

Oct 16 09:34:05 server1 postfix/smtpd[22674]: warning: unknown[185.36.81.242]: SASL LOGIN authentication failed: authentication failure
Oct 16 09:34:05 server1 postfix/smtpd[22674]: too many errors after AUTH from unknown[185.36.81.242]
Oct 16 09:34:05 server1 postfix/smtpd[22674]: disconnect from unknown[185.36.81.242] ehlo=1 auth=0/1 commands=1/2
Oct 16 09:34:10 server1 postfix/smtpd[19110]: warning: unknown[46.38.144.57]: SASL LOGIN authentication failed: authentication failure
Oct 16 09:34:10 server1 postfix/smtpd[19110]: too many errors after AUTH from unknown[46.38.144.57]
Oct 16 09:34:10 server1 postfix/smtpd[19110]: disconnect from unknown[46.38.144.57] ehlo=1 auth=0/1 rset=1 commands=2/3
Oct 16 09:34:10 server1 postfix/smtpd[19623]: warning: unknown[46.38.144.179]: SASL LOGIN authentication failed: authentication failure
Oct 16 09:34:10 server1 postfix/smtpd[19623]: too many errors after AUTH from unknown[46.38.144.179]
Oct 16 09:34:10 server1 postfix/smtpd[19623]: disconnect from unknown[46.38.144.179] ehlo=1 auth=0/1 rset=1 commands=2/3
Oct 16 09:34:15 server1 postfix/smtpd[22594]: connect from unknown[46.38.144.17]
Oct 16 09:34:16 server1 postfix/smtpd[22674]: warning: hostname s.lz6.zl.sampa.br does not resolve to address 185.36.81.245: Name or service not known
Oct 16 09:34:16 server1 postfix/smtpd[22674]: connect from unknown[185.36.81.245]
Oct 16 09:34:20 server1 postfix/smtpd[22674]: warning: unknown[185.36.81.245]: SASL LOGIN authentication failed: authentication failure
Oct 16 09:34:20 server1 postfix/smtpd[22674]: too many errors after AUTH from unknown[185.36.81.245]
Oct 16 09:34:20 server1 postfix/smtpd[22674]: disconnect from unknown[185.36.81.245] ehlo=1 auth=0/1 commands=1/2
Oct 16 09:34:20 server1 postfix/smtpd[22674]: warning: hostname ip-38-37.ZervDNS does not resolve to address 92.118.38.37: Name or service not known
Oct 16 09:34:20 server1 postfix/smtpd[22674]: connect from unknown[92.118.38.37]

did i post my postfix conf file?

here it is…
# See /usr/share/postfix/main.cf.dist for a commented, more complete version
#Define the domain list as hash file or as list in the config file.
#virtual_alias_domains = hash:/etc/postfix/virtual_domains

Debian specific: Specifying a file name will cause the first

line of that file to be used as the name. The Debian default

is /etc/mailname.

#myorigin = /etc/mailname

smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no

appending .domain is the MUA’s job.

append_dot_mydomain = no

Uncomment the next line to generate “delayed mail” warnings

#delay_warning_time = 4h

readme_directory = no

See http://www.postfix.org/COMPATIBILITY_README.html – default to 2 on

fresh installs.

compatibility_level = 2

TLS parameters

smtpd_tls_cert_file = /etc/postfix/postfix.cert.pem
smtpd_tls_key_file = /etc/postfix/postfix.key.pem
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache

See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for

information on enabling SSL in the smtp client.

smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
myorigin = $mydomain
mailbox_size_limit = 0
recipient_delimiter = +
inet_protocols = all
virtual_alias_maps = hash:/etc/postfix/virtual
sender_bcc_maps = hash:/etc/postfix/bcc
mailbox_command = /usr/bin/procmail-wrapper -o -a $DOMAIN -d $LOGNAME
home_mailbox = Maildir/
smtpd_sasl_auth_enable = yes
broken_sasl_auth_clients = yes
smtpd_recipient_restrictions = permit_mynetworks permit_sasl_authenticated reject_unauth_destination
smtp_tls_security_level = dane
mynetworks_style = subnet
smtpd_tls_CAfile = /etc/postfix/postfix.ca.pem
smtpd_error_sleep_time = 5s
myhostname = host.fqdn.com.au
mydestination = $myhostname, $mydomain, localhost.$mydomain, fqdn.com.au, localhost.fqdn.com.au, localhost
default_process_limit = 2
mydomain = fqdn.com.au

oh woops yes i did post this already…what about the commented line

#virtual_alias_domains = hash:/etc/postfix/virtual_domains