How to set up FQDN correctly?
Hi,
I'm trying to setup a FQDN (fully qualified domain name) to be able to send mail from my Linode.
I've created an IPv4 A and IPv6 AAAA record for the [hostname].[domain].[tld] and now I need to edit the host file on Debian.
What confuses me is that it currently looks like this:
127.0.0.1 localhost.localdomain localhost
[linode_ipv4_ip] [hostname].[other_domain].[tld] [hostname]
[linode_ipv6_ip] [hostname].[other_domain].[tld] [hostname]
::1 localhost ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
Should I simply add the FQDN on the second line and leave the rest? Please note that the domain name is different than the one already on lines 2 to 3.
127.0.1.1 [hostname].[domain].[tld] [hostname] // line 2
And how do I add an FQDN for IPv6? What's the right syntax?
Thanks.
12 Replies
I've created an IPv4 A and IPv6 AAAA record for the [hostname].[domain].[tld] and now I need to edit the host file on Debian.
If you create A/AAAA records, you don't need entries in your /etc/hosts file…that's what A/AAAA records are for. The reason for having them is explained below.
And how do I add an FQDN for IPv6? What's the right syntax?
It's the same syntax for both.
Here's my /etc/hosts file:
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost localhost.localdomain ip4-localhost ip4-loopback
255.255.255.255 broadcasthost
# The following lines are desirable for IPv6 capable hosts
#
::1 localhost localhost.localdomain ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
#
1.2.3.4 dave mydomain.com mail.mydomain.com
1.2.3.4 www.mydomain.com rspamd.mydomain.com
1:2::3:4:5:6 dave mydomain.com mail.mydomain.com
1:2::3:4:5:6 www.mydomain.com rspamd.mydomain.com
Everything else is handled with DNS. My primary domain name is mydomain.com (set in an SOA record). My mail server is mail.mydomain.com (set in an MX record). I have several NS records that correspond to the 5 Linode name servers. I have the following A/AAAA records:
Hostname IP Address TTL
-------- ---------- ---
mydomain.com 1.2.3.4 Default
mydomain.com 1:2::3:4:5:6 Default
dave 1.2.3.4 Default
dave 1:2::3:4:5:6 Default
mail 1.2.3.4 Default
mail 1:2::3:4:5:6 Default
rspamd 1.2.3.4 Default
rspamd 1:2::3:4:5:6 Default
www 1.2.3.4 Default
www 1:2::3:4:5:6 Default
So, my Linode has the following domain names:
The reason for these entries:
#
1.2.3.4 dave mydomain.com mail.mydomain.com
1.2.3.4 www.mydomain.com rspamd.mydomain.com
1:2::3:4:5:6 dave mydomain.com mail.mydomain.com
1:2::3:4:5:6 www.mydomain.com rspamd.mydomain.com
are in /etc/hosts is to speed up name resolution for each of the names for software running on my Linode. (so it's a performance hack).
For a mail server, you'll need to set up rDNS, SPF, DKIM and DMARC. The Cloud Manager allows you to set up rDNS (but it doesn't show it to you). SPF, DKIM and DMARC data are all set in TXT records.
-- sw
If you create A/AAAA records, you don't need entries in your /etc/hosts file…that's what A/AAAA records are for. The reason for having them is explained below.
Now I'm even more confused… The Linode rDNS guide states that I first need to decide which FQDN to use for rDNS. And in the Linode Hostname guide, it than states that the FQDN is setup in /etc/hosts
?
So what do I need to enter as rDNS, simply [hostname].[domain].[tld]
that exists as A/AAAA record?
Thank you for your elaborate reply, @stevewi!
And in the Linode Hostname guide, it than states that the FQDN is setup in
/etc/hosts
?
Honestly, it's been so long since I've done this, Linode is probably right… However, the entries I gave in my example provide this (the FQDN I used for rDNS was mail.mydomain.com)…as well as the performance hack I described.
So what do I need to enter as rDNS, simply [hostname].[domain].[tld] that exists as A/AAAA record?
Yes. The entity requesting the rDNS information will decide whether to use IPv4 or IPv6. It's not your job to worry about how someone is querying information that you provide.
Just FYI, these /etc/hosts entries:
#
1.2.3.4 dave mydomain.com mail.mydomain.com
1.2.3.4 www.mydomain.com rspamd.mydomain.com
1:2::3:4:5:6 dave mydomain.com mail.mydomain.com
1:2::3:4:5:6 www.mydomain.com rspamd.mydomain.com
actually appear in the file as:
1.2.3.4 dave mydomain.com mail.mydomain.com www.mydomain.com rspamd.mydomain.com
1:2::3:4:5:6 dave mydomain.com mail.mydomain.com www.mydomain.com rspamd.mydomain.com
I split them for readability. They could alternatively appear like this:
1.2.3.4 dave
1.2.3.4 mydomain.com
1.2.3.4 mail.mydomain.com
1.2.3.4 www.mydomain.com
1.2.3.4 rspamd.mydomain.com
etc.
-- sw
Hi @stevewi,
I've managed to successfully setup rDNS, DKIM and DMARC and to send email from root@[hostname].[domain].[tld]
to test it all.
SPF isn't working somehow though?
I've setup a TXT record for it: v=spf1 mx a:[hostname].[domain].[tld] -all
, but it doesn't pass the test. The DKIM Test returns None for SPF.
No records found for given DNS query
I haven't setup any MX or CNAME records yet.
What I eventually want is my email addresses to be [user]@[domain].[tld], not [user]@[hostname].[domain].[tld]. Is that somehow feasible?
SPF isn't working somehow though?
You can check your record for validity at:
https://mxtoolbox.com/spf.aspx
What I eventually want is my email addresses to be [user]@[domain].[tld], not [user]@[hostname].[domain].[tld]. Is that somehow feasible?
You need to create A/AAAA records for domain.tld as I have in my example (mydomain.com). Then you need to set up your mail accounts correctly.
-- sw
I did the check and the SPF record passes with flying colors, no idea why it fails the other test.
Under MX no value is listed in the table, is that because I haven't defined any MX records yet?
I'm confused how to set those up.
For "Mail Server" do I set [hostname].[domain].[tld], since that is the FQDN and has a A/AAAA records, and for subdomain nothing?
And what do I need to set a CNAME record for?
What's the "Hostname" and what is "Alias to"?
Thanks for your reply and tremendous help, @stevewi.
I did the check and the SPF record passes with flying colors, no idea why it fails the other test.
Mine looks like this:
v=spf1 +a +mx ~all
Under MX no value is listed in the table, is that because I haven't defined any MX records yet?
Yes. This could be why your SPF checks don't work.
For "Mail Server" do I set [hostname].[domain].[tld], since that is the FQDN and has a A/AAAA records, and for subdomain nothing?
For my mail server, I have listed mail.mydomain.com. Here's the relevant section of my main.cf file for postfix governing this:
# INTERNET HOST AND DOMAIN NAMES
#
# The myhostname parameter specifies the internet hostname of this
# mail system. The default is to use the fully-qualified domain name
# from gethostname(). $myhostname is used as a default value for many
# other configuration parameters.
#
#myhostname = host.domain.tld
#myhostname = virtual.domain.tld
# sw - my host name
#
myhostname = mail.mydomain.com
# The mydomain parameter specifies the local internet domain name.
# The default is to use $myhostname minus the first component.
# $mydomain is used as a default value for many other configuration
# parameters.
#
#mydomain = domain.tld
# sw - my domain
#
mydomain = mydomain.com
# SENDING MAIL
#
# The myorigin parameter specifies the domain that locally-posted
# mail appears to come from. The default is to append $myhostname,
# which is fine for small sites. If you run a domain with multiple
# machines, you should (1) change this to $mydomain and (2) set up
# a domain-wide alias database that aliases each user to
# user@that.users.mailhost.
#
# For the sake of consistency between sender and recipient addresses,
# myorigin also specifies the default domain name that is appended
# to recipient addresses that have no @domain part.
#
# Debian GNU/Linux specific: Specifying a file name will cause the
# first line of that file to be used as the name. The Debian default
# is /etc/mailname.
#
#myorigin = /etc/mailname
#myorigin = $myhostname
#myorigin = $mydomain
# sw - my origin
#
myorigin = $mydomain
And what do I need to set a CNAME record for?
I don't have one. Here's the definition…
I suppose I could've accomplished the www.mydomain.com <=> mydomain.com and the mail.mydomain.com <=> mydomain.com equivalencies with CNAME records. I opted to use A/AAAA records for this…as I showed previously. I set all this up like 10 years ago; it's evolved little; it's worked well for me and I understand it…
-- sw
Are 1.2.3.4
and 1:2::3:4:5:6
in your examples above substitutes for your Linode IPv4 and IPv6 addresses?
Thanks again, @stevewi.
Yes. This is a public forum and you never know who's viewing so I don't like to publish my IP addresses. 1.2.3.4 belongs to the APNIC De-bogon Project. 1:2::3:4:5:6 is an IETF reserved address.
mydomain.com is not my real domain either.
-- sw
I've created A/AAAA records for mail.[domain].[tld], added an MX record for it (without subdomain), and edited /etc/hosts to be more like yours:
127.0.0.1 localhost.localdomain localhost
# The following lines are desirable for IPv6 capable hosts
::1 localhost localhost.localdomain ip6-localhost ip6-loopback
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
#
1.2.3.4 [hostname] [domain].[tld] www.[domain].[tld] mail.[domain].[tld]
1:2::3:4:5:6 [hostname] [domain].[tld] www.[domain].[tld] mail.[domain].[tld]
Then I changed the rDNS for both IPv4 and IPv6 to mail.[domain].[tld].
The SPF TXT record is now: v=spf1 mx a:mail.[domain].[tld] -all
I left the DMARC and DKIM TXT records and DKIM as they were. The same goes for the opendkim configuration and keys. If I'm not mistaken only [domain].[tld] was used while configuring the latter.
After that I edited /etc/postfix/main.cf to reflect what you proposed above:
myhostname = mail.[domain].[tld] # added by me
myorigin = [domain].[tld] # added by me
smtpd_banner = $myhostname ESMTP $mail_name (Debian/GNU)
biff = no
# appending .domain is the MUA's job.
append_dot_mydomain = no
# Uncomment the next line to generate "delayed mail" warnings
#delay_warning_time = 4h
readme_directory = no
# See http://www.postfix.org/COMPATIBILITY_README.html -- default to 2 on
# fresh installs.
compatibility_level = 2
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
# See /usr/share/doc/postfix/TLS_README.gz in the postfix-doc package for
# information on enabling SSL in the smtp client.
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
#myhostname = [hostname].[domain].[tld]
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
#myorigin = /etc/mailname
mydestination = $myhostname, [domain].[tld], [hostname].[domain].[tld], localhost.[domain].[tld], localhost
relayhost =
mynetworks = 127.0.0.0/8 [::ffff:127.0.0.0]/104 [::1]/128
mailbox_size_limit = 0
recipient_delimiter = +
inet_interfaces = all
inet_protocols = all
# Milter configuration
milter_default_action = accept
milter_protocol = 6
smtpd_milters = inet:localhost:12301
non_smtpd_milters = inet:localhost:12301
I'm now unable to send any mail. ;)
Here's the /var/log/mail.log:
Jan 8 12:01:18 [hostname] postfix/master[2212]: daemon started -- version 3.4.23, configuration /etc/postfix
Jan 8 12:01:23 [hostname] postfix/pickup[2215]: 573961FAE9: uid=0 from=<root@[hostname]>
Jan 8 12:01:23 [hostname] postfix/cleanup[2221]: warning: connect to Milter service inet:localhost:12301: Connection refused
Jan 8 12:01:23 [hostname] postfix/cleanup[2221]: 573961FAE9: message-id=<20230108110123.573961FAE9@mail.[domain].[tld]>
Jan 8 12:01:23 [hostname] postfix/qmgr[2216]: 573961FAE9: from=<root@[hostname]>, size=408, nrcpt=1 (queue active)
Jan 8 12:01:24 [hostname] postfix/smtp[2223]: 573961FAE9: to=<[email]@riseup>, relay=mx1.riseup.net[198.252.153.129]:25, delay=1.3, delays=0.02/0.01/1.1/0.18, dsn=5.5.2, status=bounced (host mx1.riseup.net[198.252.153.129] said: 504 5.5.2 <root@[hostname]>: Sender address rejected: need fully-qualified address (in reply to RCPT TO command))
Jan 8 12:01:24 [hostname] postfix/cleanup[2221]: BEE261FAEE: message-id=<20230108110124.BEE261FAEE@mail.[domain].[tld]>
Jan 8 12:01:24 [hostname] postfix/qmgr[2216]: BEE261FAEE: from=<>, size=2512, nrcpt=1 (queue active)
Jan 8 12:01:24 [hostname] postfix/bounce[2224]: 573961FAE9: sender non-delivery notification: BEE261FAEE
Jan 8 12:01:24 [hostname] postfix/qmgr[2216]: 573961FAE9: removed
Jan 8 12:01:24 [hostname] postfix/smtp[2223]: BEE261FAEE: to=<root@prometheus>, relay=none, delay=0, delays=0/0/0/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=[hostname] type=AAAA: Host not found)
Jan 8 12:01:24 [hostname] postfix/qmgr[2216]: BEE261FAEE: removed
The main issue seems to be with the now missing FQDN, which leads to my mails getting rejected by the destination server.
Why isn't [mail].[domain].[com] recognized as FQDN?
Do you have any more suggestions?
Have a nice Sunday, @stevewi!
Are you still having issues? You're question is marked Solved…
added an MX record for it (without subdomain)
I believe an MX record needs to be a complete FQDN: host.domain.tld. Mine is mail.mydomain.com.
You have a milter specified:
smtpd_milters = inet:localhost:12301
non_smtpd_milters = inet:localhost:12301
but your log says postfix can't talk to it:
Jan 8 12:01:23 [hostname] postfix/cleanup[2221]: warning: connect to Milter service inet:localhost:12301: Connection refused
Change your milter specification to:
smtpd_milters = # inet:localhost:12301
non_smtpd_milters = # inet:localhost:12301
and restart postfix.
Also, turn off TLS until you get stuff working. Comment out this stuff:
# TLS parameters
smtpd_tls_cert_file=/etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_tls_key_file=/etc/ssl/private/ssl-cert-snakeoil.key
smtpd_use_tls=yes
smtpd_tls_session_cache_database = btree:${data_directory}/smtpd_scache
smtp_tls_session_cache_database = btree:${data_directory}/smtp_scache
and comment out
smtpd_relay_restrictions = permit_mynetworks permit_sasl_authenticated defer_unauth_destination
You generally DON'T want a mail host to be a relay (this will cause lots of pain). Replace the above with:
# sw - this host does not relay mail
#
relayhost =
relay_domains =
You want the mail host to be the final destination for mail destined for it so change:
mydestination = $myhostname, [domain].[tld], [hostname].[domain].[tld], localhost.[domain].[tld], localhost
to
# sw - my allowed mail destinations
#
mydestination = localhost localhost.localdomain
Lastly, I don't see where you've told postfix how to look up user accounts. Here's a section from my main.cf that explains that:
# REJECTING MAIL FOR UNKNOWN LOCAL USERS
#
# The local_recipient_maps parameter specifies optional lookup tables
# with all names or addresses of users that are local with respect
# to $mydestination, $inet_interfaces or $proxy_interfaces.
#
# If this parameter is defined, then the SMTP server will reject
# mail for unknown local users. This parameter is defined by default.
#
# To turn off local recipient checking in the SMTP server, specify
# local_recipient_maps = (i.e. empty).
#
# The default setting assumes that you use the default Postfix local
# delivery agent for local delivery. You need to update the
# local_recipient_maps setting if:
#
# - You define $mydestination domain recipients in files other than
# /etc/passwd, /etc/aliases, or the $virtual_alias_maps files.
# For example, you define $mydestination domain recipients in
# the $virtual_mailbox_maps files.
#
# - You redefine the local delivery agent in master.cf.
#
# - You redefine the "local_transport" setting in main.cf.
#
# - You use the "luser_relay", "mailbox_transport", or "fallback_transport"
# feature of the Postfix local delivery agent (see local(8)).
#
# Details are described in the LOCAL_RECIPIENT_README file.
#
# Beware: if the Postfix SMTP server runs chrooted, you probably have
# to access the passwd file via the proxymap service, in order to
# overcome chroot restrictions. The alternative, having a copy of
# the system passwd file in the chroot jail is just not practical.
#
# The right-hand side of the lookup tables is conveniently ignored.
# In the left-hand side, specify a bare username, an @domain.tld
# wild-card, or specify a user@domain.tld address.
#
#local_recipient_maps = unix:passwd.byname $alias_maps
#local_recipient_maps = proxy:unix:passwd.byname $alias_maps
#local_recipient_maps =
I use dovecot so I hand off actual delivery to that using LMTP. You probably want
local_recipient_maps = unix:passwd.byname $alias_maps
Here's the section about aliases:
# ALIAS DATABASE
#
# The alias_maps parameter specifies the list of alias databases used
# by the local delivery agent. The default list is system dependent.
#
# On systems with NIS, the default is to search the local alias
# database, then the NIS alias database. See aliases(5) for syntax
# details.
#
# If you change the alias database, run "postalias /etc/aliases" (or
# wherever your system stores the mail alias file), or simply run
# "newaliases" to build the necessary DBM or DB file.
#
# It will take a minute or so before changes become visible. Use
# "postfix reload" to eliminate the delay.
#
#alias_maps = dbm:/etc/aliases
#alias_maps = hash:/etc/aliases
#alias_maps = hash:/etc/aliases, nis:mail.aliases
#alias_maps = netinfo:/aliases
# The alias_database parameter specifies the alias database(s) that
# are built with "newaliases" or "sendmail -bi". This is a separate
# configuration parameter, because alias_maps (see above) may specify
# tables that are not necessarily all under control by Postfix.
#
#alias_database = dbm:/etc/aliases
#alias_database = dbm:/etc/mail/aliases
#alias_database = hash:/etc/aliases
#alias_database = hash:/etc/aliases, hash:/opt/majordomo/aliases
You probably want
alias_maps = hash:/etc/aliases
alias_database = hash:/etc/aliases
You need to make sure to run newaliases after you modify /etc/aliases. This will create /etc/aliases.db…which is the actual aliases database/map.
Lastly, this book is a good guide to postfix. It's a bit dated however. The online postfix docs is the final word.
I hope this helps…
-- sw
I believe an MX record needs to be a complete FQDN: host.domain.tld. Mine is mail.mydomain.com.
Yes, I've set it to mail.[domain].[tld], but the subdomain field that can also be filled out is empty.
After changing everything that you mentioned, I still get the error about the missing FQDN:
Jan 8 20:49:39 [hostname] postfix/postfix-script[7710]: starting the Postfix mail system
Jan 8 20:49:39 [hostname] postfix/master[7712]: daemon started -- version 3.4.23, configuration /etc/postfix
Jan 8 20:49:47 [hostname] postfix/pickup[7714]: 3FDE51FAE2: uid=0 from=<root@[hostname]>
Jan 8 20:49:47 [hostname] postfix/cleanup[7722]: warning: Milter service needs transport:endpoint instead of "#"
Jan 8 20:49:47 [hostname] postfix/cleanup[7722]: warning: connect to Milter service inet:localhost:12301: Connection refused
Jan 8 20:49:47 [hostname] postfix/cleanup[7722]: 3FDE51FAE2: message-id=<20230108194947.3FDE51FAE2@mail.diff-arch.net>
Jan 8 20:49:47 [hostname] postfix/qmgr[7715]: 3FDE51FAE2: from=<root@[hostname]>, size=408, nrcpt=1 (queue active)
Jan 8 20:49:47 [hostname] postfix/smtp[7724]: 3FDE51FAE2: to=<[email]@riseup.net>, relay=mx1.riseup.net[198.252.153.129]:25, delay=0.68, delays=0.02/0.01/0.47/0.18, dsn=5.5.2, status=bounced (host mx1.riseup.net[198.252.153.129] said: 504 5.5.2 <root@[hostname]>: Sender address rejected: need fully-qualified address (in reply to RCPT TO command))
Jan 8 20:49:48 [hostname] postfix/cleanup[7722]: 16A921FAEE: message-id=<20230108194948.16A921FAEE@mail.diff-arch.net>
Jan 8 20:49:48 [hostname] postfix/qmgr[7715]: 16A921FAEE: from=<>, size=2512, nrcpt=1 (queue active)
Jan 8 20:49:48 [hostname] postfix/bounce[7725]: 3FDE51FAE2: sender non-delivery notification: 16A921FAEE
Jan 8 20:49:48 [hostname] postfix/qmgr[7715]: 3FDE51FAE2: removed
Jan 8 20:49:48 [hostname] postfix/smtp[7724]: 16A921FAEE: to=<root@[hostname]>, relay=none, delay=0.02, delays=0/0/0.01/0, dsn=5.4.4, status=bounced (Host or domain name not found. Name service error for name=[hostname] type=AAAA: Host not found)
Jan 8 20:49:48 [hostname] postfix/qmgr[7715]: 16A921FAEE: removed
Are you sure about changing mydestination
to localhost localhost.localdomain
, because I don't think that that will correspond to mail.[domain].[tld]?
I'll install dovecot too, but I first want to get basic mail sending going. Otherwise there's no point.
I must have it "Accept Answer" by accident. Sorry.
Yes, I've set it to mail.[domain].[tld], but the subdomain field that can also be filled out is empty.
That's the way mine is too.
Your milter is still not commented out:
Jan 8 20:49:47 [hostname] postfix/pickup[7714]: 3FDE51FAE2: uid=0 from=<root@[hostname]>
Jan 8 20:49:47 [hostname] postfix/cleanup[7722]: warning: Milter service needs transport:endpoint instead of "#"
Jan 8 20:49:47 [hostname] postfix/cleanup[7722]: warning: connect to Milter service inet:localhost:12301: Connection refused
Change
smtpd_milters = # inet:localhost:12301
non_smtpd_milters = # inet:localhost:12301
to
#smtpd_milters = inet:localhost:12301
#non_smtpd_milters = inet:localhost:12301
My bad…sorry…
Are you sure about changing
mydestination
tolocalhost localhost.localdomain
, because I don't think that that will correspond to mail.[domain].[tld]?
My postfix is not a relay. It only delivers mail locally…but I also use virtual domains. Here's the complete section in my main.cf that explains why it's set that way:
# The mydestination parameter specifies the list of domains that this
# machine considers itself the final destination for.
#
# These domains are routed to the delivery agent specified with the
# local_transport parameter setting. By default, that is the UNIX
# compatible delivery agent that lookups all recipients in /etc/passwd
# and /etc/aliases or their equivalent.
#
# The default is $myhostname + localhost.$mydomain + localhost. On
# a mail domain gateway, you should also include $mydomain.
#
# Do not specify the names of virtual domains - those domains are
# specified elsewhere (see VIRTUAL_README).
#
# Do not specify the names of domains that this machine is backup MX
# host for. Specify those names via the relay_domains settings for
# the SMTP server, or use permit_mx_backup if you are lazy (see
# STANDARD_CONFIGURATION_README).
#
# The local machine is always the final destination for mail addressed
# to user@[the.net.work.address] of an interface that the mail system
# receives mail on (see the inet_interfaces parameter).
#
# Specify a list of host or domain names, /file/name or type:table
# patterns, separated by commas and/or whitespace. A /file/name
# pattern is replaced by its contents; a type:table is matched when
# a name matches a lookup key (the right-hand side is ignored).
# Continue long lines by starting the next line with whitespace.
#
# See also below, section "REJECTING MAIL FOR UNKNOWN LOCAL USERS".
#
#mydestination = $myhostname, localhost.$mydomain, localhost
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain
#mydestination = $myhostname, localhost.$mydomain, localhost, $mydomain,
# mail.$mydomain, www.$mydomain, ftp.$mydomain
# sw - my allowed mail destinations
#
mydestination = localhost localhost.localdomain
You might try:
mydestination = $myhostname localhost localhost.localdomain
although that's the default…so you could try commenting out mydestination =
.
As you probably have figured out, postfix configuration is a large amount of trial and error ;-)
Is riseup.net your Linode? Or is prometheus your Linode and riseup.net is a test destination? If it's the latter, have all your DNS records propagated there? If you don't have shell access there, I have no idea how you'd figure that out…
-- sw