Mail bounced (user unknown in virtual mailbox table)

I get this error when sending emails to 2 domains defined in the email section of a NS7b2 server

Sep 30 17:45:33 fo-n7b2-lab postfix/smtpd[6940]: NOQUEUE: reject: RCPT from localhost[]: 550 5.1.1 Recipient address rejected: User unknown in virtual mailbox table; from=paolo@folab.local proto=ESMTP helo=<>

Both domains are configured to be delivered locally

The users are taken from an AD domain (Windows 2012 DC) and the email address is defined in the AD user settings

Nevertheless when I look at the users section in NG I see

Any clue or advice to get it working?

By the way … the same config with a 6.8ENT is working fine.


You need to create the right alias on NS for the domain

Sorry for asking … mine is probably a stupid question, but since using the 6.8 Enterprise version this was not necessary, I’m curious to know if this is a specific feature of the Enterprise version or if it is just a new way of working … it also seems that aliases made using distribution groups in AD are not taken in NG 7. Can someone clarify?
Thanks in advance.

In ns7 mail addresses are no longer read from the AD LDAP. All aliases must be defined from the new “Email addresses” module.

This looks like a step back … may I ask why this project choice?

ns7 was designed with fewer requirements against the domain account provider, to ease deploying it on different environments.

We cannot directly modify an LDAP entry in Active Directory, for instance the user’s mail address. For that reason we must keep the mail address in our database.

As a bonus, in ns7 the username is a valid email address itself. If the domain is a valid DNS domain it is ready to receive mail messages!

You should not modify, but actually just read it.
Also note that Microsoft best practices warn against using a valid DNS domain as the internal domain name.

Right, but … also to read that field we need an authenticated client. We tried this solution on ns6, but ended up with a complex configuration I don’t want to maintain on ns7, too.

Absolutely agree, for AD those are the guidelines to follow!

However we don’t have such restrictions with OpenLDAP.

Hi @paolo,
did the information that @Stefano_Zamboni and @davidep gave you help you solve the problem?

Yes, but they say that you can use a subdomain of your FQDN.


Thank you, those are very useful articles!

Because the DNS names of all the nodes that require name resolution include the Internet DNS domain name for the organization, choose an Internet DNS domain name that is short and easy to remember. Because DNS is hierarchical, DNS domain names grow when you add subdomains to your organization. Short domain names make the computer names easy to remember.

If the organization has an Internet presence, use names that are relative to the registered Internet DNS domain name. For example, if you have registered the Internet DNS domain name, use a DNS domain name such as for the intranet domain name.

For your Active Directory Domain Name, use a subdomain of your public domain.

