Hello,

here is postoconf -nf

alias_database = hash:/etc/postfix/aliases
alias_maps = hash:/etc/postfix/aliases
biff = no
body_checks = regexp:/etc/postfix/body_checks
broken_sasl_auth_clients = yes
command_directory = /usr/sbin
compatibility_level = 3.6
daemon_directory = /usr/libexec/postfix
data_directory = /var/lib/postfix
disable_vrfy_command = yes
dovecot_destination_recipient_limit = 1
enable_long_queue_ids = no
html_directory = no
inet_interfaces = all
inet_protocols = ipv4 ipv6
mail_owner = postfix
mailbox_size_limit = 0
mailq_path = /usr/bin/mailq
manpage_directory = /usr/local/man
message_size_limit = 51200000
meta_directory = /etc/postfix
milter_default_action = accept
milter_mail_macros = i {mail_addr} {client_addr} {client_name} {auth_authen}
milter_protocol = 6
myhostname = mail.domain.com
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
newaliases_path = /usr/bin/newaliases
non_smtpd_milters = $smtpd_milters
proxy_read_maps = $local_recipient_maps $virtual_alias_maps
    $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains
    $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps
    $recipient_canonical_maps $relocated_maps transport_maps $mynetworks
queue_directory = /var/spool/postfix
readme_directory = no
receive_override_options = no_address_mappings
recipient_delimiter = +
relay_recipient_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
sample_directory = /etc/postfix
sendmail_path = /usr/sbin/sendmail
setgid_group = postdrop
shlib_directory = no
smtp_enforce_tls = yes
smtp_sasl_security_options = noanonymous
smtp_tls_cert_file = /etc/dehydrated/certs/domain.com/fullchain.pem
smtp_tls_key_file = /etc/dehydrated/certs/domain.com/privkey.pem
smtp_tls_security_level = may
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
smtp_use_tls = yes
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
smtpd_client_restrictions = cidr:/etc/postfix/cidr_client_access, permit
smtpd_delay_reject = yes
smtpd_discard_ehlo_keyword_address_maps = cidr:/etc/postfix/esmtp_access
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, permit_sasl_authenticated,
    check_helo_access hash:/etc/postfix/helo_checks, permit
smtpd_milters = unix:/var/run/rspamd/milter.sock
smtpd_recipient_restrictions = permit_mynetworks, permit_sasl_authenticated,
    reject_unauth_destination, check_helo_access hash:/etc/postfix/helo_checks,
    check_sender_access hash:/etc/postfix/helo_checks, check_recipient_access
    pcre:/etc/postfix/recipient_checks.pcre, reject_invalid_hostname,
    reject_unverified_recipient, reject_unauth_pipelining,
    reject_unknown_sender_domain, reject_unknown_recipient_domain,
    reject_unlisted_sender, reject_unauth_destination, reject_non_fqdn_hostname,
    reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_rbl_client
    cbl.abuseat.org, reject_rbl_client dnsbl-1.uceprotect.net, reject_rbl_client
    bl.spamcop.net, reject_rbl_client iadb.isipp.com, reject_rbl_client
    dnsbl.sorbs.net, reject_rbl_client plus.bondedsender.org, permit
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated
    defer_unauth_destination
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_exceptions_networks = !127.0.0.0/8 ![::ffff:127.0.0.0]/104 ![::1]/128
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_tls_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_tls_auth_only = yes
smtpd_tls_cert_file = /etc/dehydrated/certs/domain.com/fullchain.pem
smtpd_tls_dh1024_param_file = /etc/postfix/ssl/dhparams.pem
smtpd_tls_key_file = /etc/dehydrated/certs/domain.com/privkey.pem
smtpd_tls_loglevel = 1
smtpd_tls_mandatory_ciphers = medium
smtpd_tls_mandatory_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_protocols = !SSLv2, !SSLv3, !TLSv1, !TLSv1.1
smtpd_tls_received_header = yes
smtpd_tls_security_level = may
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtpd_use_tls = yes
strict_rfc821_envelopes = yes
tls_medium_cipherlist =
    ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384
tls_preempt_cipherlist = no
virtual_alias_maps = proxy:mysql:/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:1001
virtual_mailbox_base = /var/spool/postmail
virtual_mailbox_domains = proxy:mysql:/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_maps = proxy:mysql:/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_transport = lmtp:unix:private/dovecot-lmtp
virtual_uid_maps = static:1002

and aslo here alias conf mysql_virtual_alias_maps.cf :
user = postfix
password = postfix
hosts = localhost
dbname = postfix
query = SELECT goto FROM alias WHERE address='%s' AND active = '1'

and here is the test:
$ postmap -q to_alias@domain.com mysql:/etc/postfix/mysql_virtual_alias_maps.cf
to@domain.com

Have a great weekend,
Chris


На сб, 9.04.2022 г. в 17:42 ч. Benny Pedersen <me@junc.eu> написа:
On 2022-04-09 16:20, John Doe wrote:

> I have the problem with aliases. The emails did not delivery to
> correct email. I send email to email: to_alias@domain.com that is
> valid alias and email should be sent to real email folder:
> to@domain.com. Dovecot creating to_alias folder and deliver the emails
> there. Here is the email log: / did not see to@domain.com below /

its not a dovecot problem, problem is solved in postfix to expand alias
before sending to dovecot

postconf -nf for more help here or on postfix-maillist

#me2too aswell mis that dovecot could expand alias on its own, specially
usefull for dovecot quotas