OK, got it working now, that Thunderbird receives mail.
with
First problem was, I was confused by virtual_alias_maps (map incoming email addresses -> outgoing) and virtual_mailbox_maps (list which outgoing email adresses should go to virtual_transport = dovecot).
Second, there was in the postfix log
status=deferred (temporary failure. Command output: Can't open log file /var/log/dovecot.log: Permission denied )
This actually comes from /usr/local/libexec/dovecot/deliver which cannot write into root owned dovecot.log.
This can be
solved by own log files for deliver:
protocol lda {
# remember to give proper permissions for these files as well
log_path = /var/log/dovecot-lda-errors.log
info_log_path = /var/log/dovecot-lda.log
}
Lastly there was this strange error
Error: client doesn't have lookup permissions for this user: userdb reply doesn't contain uid (to bypass this check, set: service auth { unix_listener /var/run/dovecot/auth-userdb { mode=0777 } })
which could be fixed
by
unix_listener auth-userdb {
group = vpostfix
mode = 0660
}
Dovecot makes you jump through so many hoops that I fear each workaround might open another security hole.