Problem with relay_recipient_maps and canonical.

Hello,

When sender sends e-mail to nonexistent user (nonexisten in
relay_recipient_maps)
johnyb@domena.pl, postfix reject such mail with error code 550 - it is
correct.
Domain @domena.pl isn't at canonical table.

The problem is as follow:
When sender sends e-mail to nonexistent user (nonexisten in
relay_recipient_maps)
johnyb@domena.com.pl or johnyb@domena.net.pl, postfix accept such
message!
Both domains are at canonical table - and postfix at this situation
dasn't
lookup at relay_recipient_maps.

The question is as follow:
Why postfix dasn't check relay_recipient_maps when the domain is at
canonical table
and accept e-mails for nonexistent recipients?

Thanks for any help,
Krzysztof

Here are my configs:
#--------------------------------------
Postfix ver.2.3.3, platform RH ES4 or FC5
postconf -n shows:

alias_database = hash:/etc/aliases
alias_maps = hash:/etc/aliases
canonical_maps = hash:/etc/postfix/canonical
command_directory = /usr/sbin
config_directory = /etc/postfix
daemon_directory = /usr/libexec/postfix
debug_peer_level = 1
debug_peer_list = domena.pl,domena.com.pl
html_directory = no
inet_interfaces = all
mail_owner = postfix
mailq_path = /usr/bin/mailq.postfix
manpage_directory = /usr/share/man
mydestination = $myhostname, localhost.$mydomain, localhost
newaliases_path = /usr/bin/newaliases.postfix
queue_directory = /var/spool/postfix
readme_directory = /usr/share/doc/postfix-2.3.3/README_FILES
relay_domains = domena.pl,domena.com.pl,domena.net.pl
relay_recipient_maps = hash:/etc/postfix/relay_recipient_maps
sample_directory = /usr/share/doc/postfix-2.3.3/samples
sendmail_path = /usr/sbin/sendmail.postfix
setgid_group = postdrop
transport_maps = hash:/etc/postfix/transport
unknown_local_recipient_reject_code = 550


The files are as follow:
#--------------------------------------
# /etc/postfix/canonical:
@domena.com.pl @domena.pl
@domena.net.pl @domena.pl

#--------------------------------------
# /etc/postfix/relay_recipient_maps:
user1@domena.pl OK
user2@domena.pl OK
user3@domena.pl OK

#--------------------------------------
# /etc/postfix/transport:
domena.pl smtp:carina.domena.pl

#--------------------------------------
Debug - when domain is at canonical table:
#--------------------------------------
smtpd[13975]: < sagitta.domena.pl[10.0.11.65]: RCPT To:
<nosuchrecipient@domena.com.pl>
smtpd[13975]: extract_addr: input: <nosuchrecipient@domena.com.pl>
smtpd[13975]: smtpd_check_addr: addr=nosuchrecipient@domena.com.pl
smtpd[13975]: send attr request = rewrite
smtpd[13975]: send attr rule = local
smtpd[13975]: send attr address = nosuchrecipient@domena.com.pl
smtpd[13975]: private/rewrite socket: wanted attribute: flags
smtpd[13975]: input attribute name: flags
smtpd[13975]: input attribute value: 0
smtpd[13975]: private/rewrite socket: wanted attribute: address
smtpd[13975]: input attribute name: address
smtpd[13975]: input attribute value: nosuchrecipient@domena.com.pl
smtpd[13975]: private/rewrite socket: wanted attribute: (list
terminator)
smtpd[13975]: input attribute name: (end)
smtpd[13975]: rewrite_clnt: local: nosuchrecipient@domena.com.pl ->
nosuchrecipient@domena.com.pl
smtpd[13975]: send attr request = resolve
smtpd[13975]: send attr sender =
smtpd[13975]: send attr address = nosuchrecipient@domena.com.pl
smtpd[13975]: private/rewrite socket: wanted attribute: flags
smtpd[13975]: input attribute name: flags
smtpd[13975]: input attribute value: 0
smtpd[13975]: private/rewrite socket: wanted attribute: transport
smtpd[13975]: input attribute name: transport
smtpd[13975]: input attribute value: relay
smtpd[13975]: private/rewrite socket: wanted attribute: nexthop
smtpd[13975]: input attribute name: nexthop
smtpd[13975]: input attribute value: domena.com.pl
smtpd[13975]: private/rewrite socket: wanted attribute: recipient
smtpd[13975]: input attribute name: recipient
smtpd[13975]: input attribute value: nosuchrecipient@domena.com.pl
smtpd[13975]: private/rewrite socket: wanted attribute: flags
smtpd[13975]: input attribute name: flags
smtpd[13975]: input attribute value: 2048
smtpd[13975]: private/rewrite socket: wanted attribute: (list
terminator)
smtpd[13975]: input attribute name: (end)
smtpd[13975]: resolve_clnt: `' -> `nosuchrecipient@domena.com.pl' ->
transp=`relay' host=`domena.com.pl'
rcpt=`nosuchrecipient@domena.com.pl' flags= class=relay
smtpd[13975]: ctable_locate: install entry key
nosuchrecipient@domena.com.pl
smtpd[13975]: extract_addr: in: <nosuchrecipient@domena.com.pl>,
result: nosuchrecipient@domena.com.pl
smtpd[13975]: send attr request = rewrite
smtpd[13975]: send attr rule = local
smtpd[13975]: send attr address = postmaster
smtpd[13975]: private/rewrite socket: wanted attribute: flags
smtpd[13975]: input attribute name: flags
smtpd[13975]: input attribute value: 0
smtpd[13975]: private/rewrite socket: wanted attribute: address
smtpd[13975]: input attribute name: address
smtpd[13975]: input attribute value: postmaster@spectra.domena.pl
smtpd[13975]: private/rewrite socket: wanted attribute: (list
terminator)
smtpd[13975]: input attribute name: (end)
smtpd[13975]: rewrite_clnt: local: postmaster ->
postmaster@spectra.domena.pl
smtpd[13975]: >>> START Recipient address RESTRICTIONS <<<
smtpd[13975]: generic_checks: name=permit_mynetworks
smtpd[13975]: permit_mynetworks: sagitta.domena.pl 10.0.11.65
smtpd[13975]: match_hostname: sagitta.domena.pl ~? 127.0.0.0/8
smtpd[13975]: match_hostaddr: 10.0.11.65 ~? 127.0.0.0/8
smtpd[13975]: match_hostname: sagitta.domena.pl ~? 172.31.103.0/24
smtpd[13975]: match_hostaddr: 10.0.11.65 ~? 172.31.103.0/24
smtpd[13975]: match_hostname: sagitta.domena.pl ~? 10.0.11.64/27
smtpd[13975]: match_hostaddr: 10.0.11.65 ~? 10.0.11.64/27
smtpd[13975]: generic_checks: name=permit_mynetworks status=1
smtpd[13975]: >>> CHECKING RECIPIENT MAPS <<<
smtpd[13975]: ctable_locate: leave existing entry key
nosuchrecipient@domena.com.pl
smtpd[13975]: maps_find: recipient_canonical_maps:
nosuchrecipient@domena.com.pl: not found
smtpd[13975]: match_string: domena.com.pl ~? spectra.domena.pl
smtpd[13975]: match_string: domena.com.pl ~? localhost.domena.pl
smtpd[13975]: match_string: domena.com.pl ~? localhost
smtpd[13975]: match_list_match: domena.com.pl: no match
smtpd[13975]: maps_find: recipient_canonical_maps: @domena.com.pl: not
found
smtpd[13975]: mail_addr_find: nosuchrecipient@domena.com.pl -> (not
found)
smtpd[13975]: maps_find: canonical_maps: nosuchrecipient@domena.com.pl:
not found
smtpd[13975]: match_string: domena.com.pl ~? spectra.domena.pl
smtpd[13975]: match_string: domena.com.pl ~? localhost.domena.pl
smtpd[13975]: match_string: domena.com.pl ~? localhost
smtpd[13975]: match_list_match: domena.com.pl: no match
canonical(0,lock|fold_fix): @domena.com.pl = @domena.pl
smtpd[13975]: mail_addr_find: nosuchrecipient@domena.com.pl ->
@domena.pl
smtpd[13975]: smtpd_check_rewrite: trying: permit_inet_interfaces
smtpd[13975]: permit_inet_interfaces: sagitta.domena.pl 10.0.11.65
smtpd[13975]: before input_transp_cleanup: cleanup flags =
enable_header_body_filter enable_automatic_bcc enable_address_mapping
enable_milters
smtpd[13975]: after input_transp_cleanup: cleanup flags =
enable_header_body_filter enable_automatic_bcc enable_address_mapping
smtpd[13975]: connect to subsystem public/cleanup
smtpd[13975]: public/cleanup socket: wanted attribute: queue_id
smtpd[13975]: input attribute name: queue_id
smtpd[13975]: input attribute value: F3A8E90179
smtpd[13975]: public/cleanup socket: wanted attribute: (list
terminator)
smtpd[13975]: input attribute name: (end)
smtpd[13975]: send attr flags = 50
smtpd[13975]: F3A8E90179: client=sagitta.domena.pl[10.0.11.65]
smtpd[13975]: > sagitta.domena.pl[10.0.11.65]: 250 2.1.5 Ok
smtpd[13975]: < sagitta.domena.pl[10.0.11.65]: DATA
smtpd[13975]: > sagitta.domena.pl[10.0.11.65]: 354 End data with
<CR><LF>.<CR><LF>
smtpd[13975]: public/cleanup socket: wanted attribute: status
cleanup[13978]: F3A8E90179:
message-id=<20061110102251.F3A8E90179@spectra.domena.pl>
qmgr[13950]: F3A8E90179: from=<test@example.com>, size=458, nrcpt=1
(queue active)
smtpd[13975]: input attribute name: status
smtpd[13975]: input attribute value: 0
smtpd[13975]: public/cleanup socket: wanted attribute: reason
smtpd[13975]: input attribute name: reason
smtpd[13975]: input attribute value: (end)
smtpd[13975]: public/cleanup socket: wanted attribute: (list
terminator)
smtpd[13975]: input attribute name: (end)
smtpd[13975]: > sagitta.domena.pl[10.0.11.65]: 250 2.0.0 Ok: queued as
F3A8E90179
smtpd[13975]: < sagitta.domena.pl[10.0.11.65]: QUIT

--------------------------------------
Debug when domain isn't at canonical table - it works correctly:
#--------------------------------------

smtpd[13887]: connect from sagitta.domena.pl[10.0.11.65]
smtpd[13887]: match_hostname: sagitta.domena.pl ~? 127.0.0.0/8
smtpd[13887]: match_hostaddr: 10.0.11.65 ~? 127.0.0.0/8
smtpd[13887]: match_hostname: sagitta.domena.pl ~? 172.31.103.0/24
smtpd[13887]: match_hostaddr: 10.0.11.65 ~? 172.31.103.0/24
smtpd[13887]: match_hostname: sagitta.domena.pl ~? 10.0.11.64/27
smtpd[13887]: match_hostaddr: 10.0.11.65 ~? 10.0.11.64/27
smtpd[13887]: > sagitta.domena.pl[10.0.11.65]: 220 spectra.domena.pl
ESMTP Postfix
smtpd[13887]: < sagitta.domena.pl[10.0.11.65]: EHLO example.com
smtpd[13887]: > sagitta.domena.pl[10.0.11.65]: 250-spectra.domena.pl
smtpd[13887]: > sagitta.domena.pl[10.0.11.65]: 250-PIPELINING
smtpd[13887]: > sagitta.domena.pl[10.0.11.65]: 250-SIZE 10240000
smtpd[13887]: > sagitta.domena.pl[10.0.11.65]: 250-VRFY
smtpd[13887]: match_list_match: sagitta.domena.pl: no match
smtpd[13887]: match_list_match: 10.0.11.65: no match
smtpd[13887]: > sagitta.domena.pl[10.0.11.65]: 250-ETRN
smtpd[13887]: > sagitta.domena.pl[10.0.11.65]: 250-ENHANCEDSTATUSCODES
smtpd[13887]: > sagitta.domena.pl[10.0.11.65]: 250-8BITMIME
smtpd[13887]: > sagitta.domena.pl[10.0.11.65]: 250 DSN
smtpd[13887]: < sagitta.domena.pl[10.0.11.65]: MAIL From:
<test@example.com>
smtpd[13887]: extract_addr: input: <test@example.com>
smtpd[13887]: smtpd_check_addr: addr=test@example.com
smtpd[13887]: connect to subsystem private/rewrite
smtpd[13887]: send attr request = rewrite
smtpd[13887]: send attr rule = local
smtpd[13887]: send attr address = test@example.com
smtpd[13887]: private/rewrite socket: wanted attribute: flags
smtpd[13887]: input attribute name: flags
smtpd[13887]: input attribute value: 0
smtpd[13887]: private/rewrite socket: wanted attribute: address
smtpd[13887]: input attribute name: address
smtpd[13887]: input attribute value: test@example.com
smtpd[13887]: private/rewrite socket: wanted attribute: (list
terminator)
smtpd[13887]: input attribute name: (end)
smtpd[13887]: rewrite_clnt: local: test@example.com -> test@example.com
smtpd[13887]: send attr request = resolve
smtpd[13887]: send attr sender =
smtpd[13887]: send attr address = test@example.com
smtpd[13887]: private/rewrite socket: wanted attribute: flags
smtpd[13887]: input attribute name: flags
smtpd[13887]: input attribute value: 0
smtpd[13887]: private/rewrite socket: wanted attribute: transport
smtpd[13887]: input attribute name: transport
smtpd[13887]: input attribute value: smtp
smtpd[13887]: private/rewrite socket: wanted attribute: nexthop
smtpd[13887]: input attribute name: nexthop
smtpd[13887]: input attribute value: example.com
smtpd[13887]: private/rewrite socket: wanted attribute: recipient
smtpd[13887]: input attribute name: recipient
smtpd[13887]: input attribute value: test@example.com
smtpd[13887]: private/rewrite socket: wanted attribute: flags
smtpd[13887]: input attribute name: flags
smtpd[13887]: input attribute value: 4096
smtpd[13887]: private/rewrite socket: wanted attribute: (list
terminator)
smtpd[13887]: input attribute name: (end)
smtpd[13887]: resolve_clnt: `' -> `test@example.com' -> transp=`smtp'
host=`example.com' rcpt=`test@example.com' flags= class=default
smtpd[13887]: ctable_locate: install entry key test@example.com
smtpd[13887]: extract_addr: in: <test@example.com>, result:
test@example.com
smtpd[13887]: fsspace: .: block size 4096, blocks free 237451
smtpd[13887]: smtpd_check_queue: blocks 4096 avail 237451 min_free 0
msg_size_limit 10240000
smtpd[13887]: > sagitta.domena.pl[10.0.11.65]: 250 2.1.0 Ok
smtpd[13887]: < sagitta.domena.pl[10.0.11.65]: RCPT To:
<nosuchrecipient@domena.pl>
smtpd[13887]: extract_addr: input: <nosuchrecipient@domena.pl>
smtpd[13887]: smtpd_check_addr: addr=nosuchrecipient@domena.pl
smtpd[13887]: send attr request = rewrite
smtpd[13887]: send attr rule = local
smtpd[13887]: send attr address = nosuchrecipient@domena.pl
smtpd[13887]: private/rewrite socket: wanted attribute: flags
smtpd[13887]: input attribute name: flags
smtpd[13887]: input attribute value: 0
smtpd[13887]: private/rewrite socket: wanted attribute: address
smtpd[13887]: input attribute name: address
smtpd[13887]: input attribute value: nosuchrecipient@domena.pl
smtpd[13887]: private/rewrite socket: wanted attribute: (list
terminator)
smtpd[13887]: input attribute name: (end)
smtpd[13887]: rewrite_clnt: local: nosuchrecipient@domena.pl ->
nosuchrecipient@domena.pl
smtpd[13887]: send attr request = resolve
smtpd[13887]: send attr sender =
smtpd[13887]: send attr address = nosuchrecipient@domena.pl
smtpd[13887]: private/rewrite socket: wanted attribute: flags
smtpd[13887]: input attribute name: flags
smtpd[13887]: input attribute value: 0
smtpd[13887]: private/rewrite socket: wanted attribute: transport
smtpd[13887]: input attribute name: transport
smtpd[13887]: input attribute value: smtp
smtpd[13887]: private/rewrite socket: wanted attribute: nexthop
smtpd[13887]: input attribute name: nexthop
smtpd[13887]: input attribute value: carina.domena.pl
smtpd[13887]: private/rewrite socket: wanted attribute: recipient
smtpd[13887]: input attribute name: recipient
smtpd[13887]: input attribute value: nosuchrecipient@domena.pl
smtpd[13887]: private/rewrite socket: wanted attribute: flags
smtpd[13887]: input attribute name: flags
smtpd[13887]: input attribute value: 2048
smtpd[13887]: private/rewrite socket: wanted attribute: (list
terminator)
smtpd[13887]: input attribute name: (end)
smtpd[13887]: resolve_clnt: `' -> `nosuchrecipient@domena.pl' ->
transp=`smtp' host=`carina.domena.pl' rcpt=`nosuchrecipient@domena.pl'
flags= class=relay
smtpd[13887]: ctable_locate: install entry key
nosuchrecipient@domena.pl
smtpd[13887]: extract_addr: in: <nosuchrecipient@domena.pl>, result:
nosuchrecipient@domena.pl
smtpd[13887]: send attr request = rewrite
smtpd[13887]: send attr rule = local
smtpd[13887]: send attr address = postmaster
smtpd[13887]: private/rewrite socket: wanted attribute: flags
smtpd[13887]: input attribute name: flags
smtpd[13887]: input attribute value: 0
smtpd[13887]: private/rewrite socket: wanted attribute: address
smtpd[13887]: input attribute name: address
smtpd[13887]: input attribute value: postmaster@spectra.domena.pl
smtpd[13887]: private/rewrite socket: wanted attribute: (list
terminator)
smtpd[13887]: input attribute name: (end)
smtpd[13887]: rewrite_clnt: local: postmaster ->
postmaster@spectra.domena.pl
smtpd[13887]: >>> START Recipient address RESTRICTIONS <<<
smtpd[13887]: generic_checks: name=permit_mynetworks
smtpd[13887]: permit_mynetworks: sagitta.domena.pl 10.0.11.65
smtpd[13887]: match_hostname: sagitta.domena.pl ~? 127.0.0.0/8
smtpd[13887]: match_hostaddr: 10.0.11.65 ~? 127.0.0.0/8
smtpd[13887]: match_hostname: sagitta.domena.pl ~? 172.31.103.0/24
smtpd[13887]: match_hostaddr: 10.0.11.65 ~? 172.31.103.0/24
smtpd[13887]: match_hostname: sagitta.domena.pl ~? 10.0.11.64/27
smtpd[13887]: match_hostaddr: 10.0.11.65 ~? 10.0.11.64/27
smtpd[13887]: generic_checks: name=permit_mynetworks status=1
smtpd[13887]: >>> CHECKING RECIPIENT MAPS <<<
smtpd[13887]: ctable_locate: leave existing entry key
nosuchrecipient@domena.pl
smtpd[13887]: maps_find: recipient_canonical_maps:
nosuchrecipient@domena.pl: not found
smtpd[13887]: match_string: domena.pl ~? spectra.domena.pl
smtpd[13887]: match_string: domena.pl ~? localhost.domena.pl
smtpd[13887]: match_string: domena.pl ~? localhost
smtpd[13887]: match_list_match: domena.pl: no match
smtpd[13887]: maps_find: recipient_canonical_maps: @domena.pl: not
found
smtpd[13887]: mail_addr_find: nosuchrecipient@domena.pl -> (not found)
smtpd[13887]: maps_find: canonical_maps: nosuchrecipient@domena.pl: not
found
smtpd[13887]: match_string: domena.pl ~? spectra.domena.pl
smtpd[13887]: match_string: domena.pl ~? localhost.domena.pl
smtpd[13887]: match_string: domena.pl ~? localhost
smtpd[13887]: match_list_match: domena.pl: no match
smtpd[13887]: maps_find: canonical_maps: @domena.pl: not found
smtpd[13887]: mail_addr_find: nosuchrecipient@domena.pl -> (not found)
smtpd[13887]: maps_find: virtual_alias_maps: nosuchrecipient@domena.pl:
not found
smtpd[13887]: match_string: domena.pl ~? spectra.domena.pl
smtpd[13887]: match_string: domena.pl ~? localhost.domena.pl
smtpd[13887]: match_string: domena.pl ~? localhost
smtpd[13887]: match_list_match: domena.pl: no match
smtpd[13887]: maps_find: virtual_alias_maps: @domena.pl: not found
smtpd[13887]: mail_addr_find: nosuchrecipient@domena.pl -> (not found)
smtpd[13887]: maps_find: relay_recipient_maps:
nosuchrecipient@domena.pl: not found
smtpd[13887]: match_string: domena.pl ~? spectra.domena.pl
smtpd[13887]: match_string: domena.pl ~? localhost.domena.pl
smtpd[13887]: match_string: domena.pl ~? localhost
smtpd[13887]: match_list_match: domena.pl: no match
smtpd[13887]: maps_find: relay_recipient_maps: @domena.pl: not found
smtpd[13887]: mail_addr_find: nosuchrecipient@domena.pl -> (not found)
smtpd[13887]: NOQUEUE: reject: RCPT from sagitta.domena.pl[10.0.11.65]:
550 5.1.1 <nosuchrecipient@domena.pl>: Recipient address rejected: User
unknown in relay recipient table; from=<test@example.com>
to=<nosuchrecipient@domena.pl> proto=ESMTP helo=<example.com>
smtpd[13887]: > sagitta.domena.pl[10.0.11.65]: 550 5.1.1
<nosuchrecipient@domena.pl>: Recipient address rejected: User unknown
in relay recipient table
smtpd[13887]: < sagitta.domena.pl[10.0.11.65]: QUIT