Linux – Dovecot: virtual and local users homonyms: Mail access for users with UID 1000 not permitted

Tags: dovecot, email, linux, postfix

Well, the case seems simple but I can’t find a satisfactory answer.

I have a Postfix/Dovecot installation with the latter configured to work with virtual emails which works like a charm… for virtual users who do not have an account on the server.

To make things clearer, let’s pick an example: virtualuser is registered in the virtual users’ database (/etc/dovecot/users) and is able to receive and send mails through IMAP and SMTP without any problems. On the other hand, localuser is a regular system user on the server. Now, if I add a new user in Dovecot’s virtual users database named localuser and try to connect as this virtual-user-with-a-local-alias in IMAP, I get the following error in my logs:

imap: Error: user localuser: Mail access for users with UID 1000 not permitted ([etc]).

It is clear that since Postfix finds a user named localuser in the system users, it tries to authenticate with that user and doesn’t even look at the virtual users.

So here is the question: how do I have Postfix look up virtual users before local users?

Is this even possible or am I stuck with a messy configuration mixing local and virtual users?

Best Answer

As I expected, the solution to this was tremendously simple: /etc/dovecot/conf.d/10-auth.conf includes two files: auth-system.conf.ext for system users, and auth-mydomain.conf.ext for virtual users. The order in which these files are included is important; looking up system users after virtual users is easily done by swapping the two lines:

[...]
!include auth-mydomain.conf.ext
!include auth-system.conf.ext
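
The following check is an added example, not part of the original question or answer: it reads the include order from a 10-auth.conf and lists virtual users whose names collide with a system account that is looked up first. The file contents, UIDs and password placeholders are constructed sample data, and the function names are hypothetical.

```python
import re

# Constructed sample data; file names follow the answer above, contents are made up.
AUTH_CONF = """\
#!include auth-deny.conf.ext
!include auth-system.conf.ext
!include auth-mydomain.conf.ext
"""
VIRTUAL_USERS = """\
virtualuser:{SHA512-CRYPT}PLACEHOLDER:5000:5000::/var/vmail/virtualuser
localuser:{SHA512-CRYPT}PLACEHOLDER:5000:5000::/var/vmail/localuser
"""
ETC_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
localuser:x:1000:1000::/home/localuser:/bin/bash
"""

# Matches active include lines only; a leading '#' makes the line a comment.
INCLUDE_RE = re.compile(r"^[ \t]*!include(?:_try)?[ \t]+(\S+)", re.MULTILINE)


def active_includes(conf_text):
    """Return uncommented !include targets in the order they appear."""
    return INCLUDE_RE.findall(conf_text)


def usernames(passwd_text):
    """First colon-separated field of every non-empty, non-comment line."""
    names = set()
    for line in passwd_text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            names.add(line.split(":", 1)[0])
    return names


def shadowed_virtual_users(conf_text, virtual_text, passwd_text,
                           system_file="auth-system.conf.ext",
                           virtual_file="auth-mydomain.conf.ext"):
    """Virtual users that collide with a system account looked up first."""
    order = active_includes(conf_text)
    if system_file not in order or virtual_file not in order:
        return []
    if order.index(virtual_file) < order.index(system_file):
        return []  # virtual users are consulted first: no shadowing
    return sorted(usernames(virtual_text) & usernames(passwd_text))


if __name__ == "__main__":
    print("include order:", active_includes(AUTH_CONF))
    print("shadowed by system accounts:",
          shadowed_virtual_users(AUTH_CONF, VIRTUAL_USERS, ETC_PASSWD))
```

Names are compared exactly, so a virtual users file keyed on user@domain would need the local part extracted first.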