Since I woke up just before taxlady went to bed, she had a chance to tell me that some of her mail was behaving badly. After a couple of hours playing around, it turns out that there was a place where I needed to say 'If all else fails, use the defaults' in my config.

Otherwise, Postfix tries to guess how to handle mail for domains that don't have explicit transport policies (but would be handled by the default transport policies). Up until now it has always worked because it was doing DNS lookup on the mail addresses, finding out that the only registered mail server for those addresses had the same IP address as its canonical home address and therefor checking to see if local delivery worked -- which it always did.

Now though, hendrikboom has set up a secondary mail server that handles all of my domains, not just the pooq one (which has an explicit policy). So, when mail would come in for certain addresses that used to be handled, they would bounce. This is because when Postfix did its check, it would see multiple IP addresses to which the mail could go, and would therefor conclude the mail was non-local, and would want to Relay to one of the servers on the list. Of course, most relays are forbidden, and so some folks have been getting relay rejected messages when sending to certain legal, yet obscure email addresses. (ie, webmaster@domain).

Anyway, it all seems to be working correctly now, and I'm feeling quite proud that I was able to diagnose and fix that on only 5 hours sleep, and before I'd even read the morning funnies. Speaking of which...