С неотправкой почты разобрался - это я после postconf check сменил права на dkim ключи (постконф сказал что надо root) и opendkim не смог их прочесть (запускался с пользователем mailnull)UPD2 (залил текущий конфиг с кучей правил)
> Тогда main.cf в студию. Или выхлоп postconf -n
root@mail:/ # postconf -n
broken_sasl_auth_clients = yes
command_directory = /usr/local/sbin
daemon_directory = /usr/local/libexec/postfix
data_directory = /var/db/postfix
debug_peer_level = 2
debugger_command = PATH=/bin:/usr/bin:/usr/local/bin:/usr/X11R6/bin ddd $daemon_directory/$process_name $process_id & sleep 5
html_directory = /usr/local/share/doc/postfix
mail_owner = postfix
mailq_path = /usr/local/bin/mailq
manpage_directory = /usr/local/man
message_size_limit = 20240000
milter_default_action = accept
mydestination = $myhostname, localhost.$mydomain, localhost
mydomain = domain.net.ua
myhostname = mail.domain.net.ua
mynetworks = 127.0.0.0/8, 172.16.0.0/24, x.x.x.y/32, x.x.x.x/32
mynetworks_style = host
newaliases_path = /usr/local/bin/newaliases
non_smtpd_milters = $smtpd_milters
proxy_read_maps = $local_recipient_maps $mydestination $virtual_alias_maps $virtual_alias_domains $virtual_mailbox_maps $virtual_mailbox_domains $relay_recipient_maps $relay_domains $canonical_maps $sender_canonical_maps $recipient_canonical_maps $relocated_maps $transport_maps $mynetworks $virtual_mailbox_limit_maps
queue_directory = /var/spool/postfix
readme_directory = /usr/local/share/doc/postfix
relay_domains = proxy:mysql:/usr/local/etc/postfix/mysql_relay_domains_maps.cf
sample_directory = /usr/local/etc/postfix
sendmail_path = /usr/local/sbin/sendmail
setgid_group = maildrop
smtp_tls_note_starttls_offer = yes
smtp_use_tls = yes
smtpd_helo_required = yes
smtpd_helo_restrictions = permit_mynetworks, reject_non_fqdn_helo_hostname, reject_invalid_helo_hostname, reject_unknown_helo_hostname
smtpd_milters = inet:127.0.0.1:8891
smtpd_recipient_restrictions = permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unknown_helo_hostname, reject_invalid_hostname, reject_non_fqdn_hostname
smtpd_relay_restrictions = permit_mynetworks, permit_sasl_authenticated, reject_non_fqdn_sender, reject_non_fqdn_recipient, reject_unauth_destination, reject_unauth_pipelining, reject_rbl_client bl.spamcop.net
smtpd_sasl_auth_enable = yes
smtpd_sasl_authenticated_header = yes
smtpd_sasl_local_domain = $myhostname
smtpd_sasl_path = private/auth
smtpd_sasl_security_options = noanonymous
smtpd_sasl_type = dovecot
smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch, reject_sender_login_mismatch, permit_sasl_authenticated, reject_non_fqdn_sender, permit_mynetworks
smtpd_tls_CAfile = /usr/local/etc/ssl/postfix/smtpd.pem
smtpd_tls_cert_file = /usr/local/etc/ssl/postfix/smtpd.pem
smtpd_tls_key_file = /usr/local/etc/ssl/postfix/smtpd.pem
smtpd_tls_loglevel = 0
smtpd_tls_received_header = yes
smtpd_tls_session_cache_timeout = 3600s
smtpd_use_tls = yes
soft_bounce = no
tls_random_source = dev:/dev/urandom
transport_maps = hash:/usr/local/etc/postfix/transport
unknown_local_recipient_reject_code = 550
vacation_destination_recipient_limit = 1
virtual_alias_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_alias_maps.cf
virtual_gid_maps = static:125
virtual_mailbox_base = /usr/local/virtual
virtual_mailbox_domains = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_domains_maps.cf
virtual_mailbox_limit = 51200000
virtual_mailbox_limit_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_limit_maps.cf
virtual_mailbox_maps = proxy:mysql:/usr/local/etc/postfix/mysql_virtual_mailbox_maps.cf
virtual_minimum_uid = 125
virtual_transport = virtual
virtual_uid_maps = static:125
postconf: warning: /usr/local/etc/postfix/main.cf: unused parameter: virtual_maildir_limit_message=Sorry, this user has overdrawn their diskspace quota. Please try again later.
postconf: warning: /usr/local/etc/postfix/main.cf: unused parameter: virtual_mailbox_limit_override=yes
postconf: warning: /usr/local/etc/postfix/main.cf: unused parameter: virtual_overquota_bounce=yes
postconf: warning: /usr/local/etc/postfix/main.cf: unused parameter: virtual_create_maildirsize=yes
postconf: warning: /usr/local/etc/postfix/main.cf: unused parameter: virtual_mailbox_extended=yes
UPD3:
С настройками smtpd_sender_restrictions = reject_authenticated_sender_login_mismatch, reject_sender_login_mismatch не работала исходящая почта с ошибкой 5.7.1 Sender address rejected: not owned by user, что очень странно: ведь я отправлял почту от пользователя, под которым и был залогинен. Вот сообщение из maillog:
Nov 16 12:13:29 mail postfix/smtpd[4330]: NOQUEUE: reject: RCPT from localhost[127.0.0.1]: 553 5.7.1 <user1@domain.net.ua>: Sender address rejected: not owned by user user1@domain.net.ua; from=<user1@domain.net.ua> to=<admin@gmail.com> proto=ESMTP helo=<mail.domain.net.ua>
Так что предложенные вами два параметра я уже убрал