dovecot - Jun 2021 - Quota Config With Prefetch Creating Alias Directories

Using Dovecot 2.3.8 with Postfix & MySQL on Centos.

I have a sql table with account info, email addresses, password, quotas, 
etc
I have another sql table for aliases containing which alias points to 
what email address.
For imap access im using passdb password_query with prefetch.

I setup quotas using count and configured postfix to check quotas with 
check_policy_service before accepting email.

Discovered that it wont lookup quotas using prefetch. Added a second 
userdb so quota request can use user_query instead of the imap 
password_query prefetch version.

     userdb {
         driver = sql
         args = /etc/dovecot/mysql_quota.include
         skip = found
         result_success = return-ok
         result_failure = return-ok
     }

This worked for existing email addresses in the accounts table. But any 
email sent to an alias was rejected because user not found. Not by 
postfix, postfix can see its an alias, but when postfix does 
check_policy_service dovecot issued the rejection because its not 
finding the alias in the accounts table per the userdb user_query.

I added "result_failure = return-ok" to the userdb so if user_query 
doesn't find the address postfix is asking to accept mail for, it will 
fall back on quota default values. Then dovecot isn't forcing the mail 
to be rejected and postfix knows if its a valid user or alias. This 
seems to solve the issue, dovecot will return per user quotas or if not 
found then the global quota and let postfix decided whats a valid 
address to accept or reject.

But now there is a side effect. Every time you ask dovecot for a quota, 
and if its a first time use of a newly created account dovecot creates 
the index directories and index files on disk. Because im using 
result_failure=return-ok which tells dovecot the user was found to 
prevent aliases from being rejected, dovecot is also creating 
directories and indexes for those aliases postfix is sending over 
check_policy_service.

First question: Is this the best way to configure dovecot using quota 
verification for postfix to work will aliases?

Second question: How can i prevent directories and indexes being created 
for non found user (aliases) accounts?


Thank you.

> On 06-26-2021 7:39 pm, dovecot at ptld.com wrote:
> 
> First question: Is this the best way to configure dovecot using quota
> verification for postfix to work will aliases?
> 
> Second question: How can i prevent directories and indexes being
> created for non found user (aliases) accounts?
I figured out i was doing it wrong, i removed the "result_failure = 
return-ok" and used "quota_status_nouser = DUNNO" instead.
However, now
i have another concern.

* I setup an email account for user at example.com
* I setup an alias alias at example.com to forward to user at example.com
* I filled up user at example.com inbox so it would fail quota.
* I sent an email to alias at example.com

Postfix did not reject the email, it accepted it and tried to deliver to 
dovecot/lmtp which then rejected the message for being over quota. This 
caused postfix to have to send a back splatter bounce email. Anyway to 
solve that?

But worse, the bounce email exposed the forwarded to address of 
user at example.com saying mailbox full.
"<user at example.com> (expanded from <alias at
example.com>)"

What can be done about that? Keep the bounce notice from exposing the 
forward to address? Or is there still a better way to set this up?