local users cannot send mail through zimbra.

[pootle]

Hi All,

First off please don't beat me up too much as I am new to zimbra! Secondly I'm hoping someone can shed some light onto my current issue, I'm running zimbra on ubuntu Hardy Heron (8.04) 32bit.

I have configured zimbra and I can successfully send and receive emails for my zimbra users. However my zimbra server is hosted on the same box as my webserver and when my web applications try to send a mail it doesn't seem to be relayed through zimbra. It looks as if they are going to the default postfix mail queue for the distributions postfix but I might be wrong about that.

I subsequently logged in as a local user on my ubuntu server and tried to send a test mail to an account I know zimbra has successfully delivered mail to. I simply ran mail on the command line and dispatched the message, this too failed to reach the recipient and seemed not to leave the box.

Does anyone know what I've done wrong here ? I really need to be able to dispatch mail from the box from local users and not just zimbra based accounts.

I hope someone can shove me in the right direction.

[pootle]

I've been doing some more digging to try and resolve this but I'm still at at loss
what I have found is when I log into the box as a local user, well call him user , and run the mail command It gets spooled to /var/mail/zimbra.

If i log in as root and peform a mailq I get the following error:

postqueue: warning: Mail system is down -- accessing queue directly

now is i su to zimbra and perform mailq again i get:

mailq is empty

There seems to be a queueing conflict either in the base o/s or zimbra that I can't currently get to the bottom of.

The unforutnate thing is that all mail going out of from my webserver is halted in this queue and is obviously screwing up those sites (user registration etc).

I hope someone can help me resolve this!

[cedbobking]

Do you allow localhost and the local IP address as a mail relays in the Zimbra configuration?

Code:

[zimbra@mail ~]$ zmprov gas -v | grep MtaMyNetworks
zimbraMtaMyNetworks: 127.0.0.0/8 a.b.c.d/32

* where a.b.c.d is the IP of the Zimbra server itself.

If you want other hosts to be able to SMTP through Zimbra, you'll have to add them.

Does iptables only allow SMTP in through the Ethernet adapter but not the loopback interface?

Is the rest of your network configured properly per the Zimbra Collaboration Suite Single Server Installation - Open Source?

Perhaps on the server itself you could try telnet localhost smtp or telnet hostname smtp and create a simple message to yourself. See Simple Mail Transfer Protocol - Wikipedia, the free encyclopedia for basic syntax.

How do you manage to install Zimbra on a HTTP server? Did you tell Zimbra to use ports other than HTTP and HTTPS for its web interface? I would personally avoid that configuration at all costs. If you have no other hardware, perhaps you could use VMware server VMware Server, Virtual Server Consolidation, Free Virtualization server or VirtualBox VirtualBox. Each virtual machine would need it's own IP address bridged to the physical Ethernet adapter.

[pootle]

hi cedbobking,

MtaMyNetworks is set to 127.0.0.0/8 and 192.168.0.0/24

therefore all machines on the 192.168.0.0/24 network will be able to relay through zimbra.

if i telnet to 127.0.0.1 25 i get:

220 machine.domain.com ESMTP Postfix

so the localhost can get access to the postfix server, this works from the root user and the zimbra user. Additionally the default postfix server that is installed is disabled so thats not the issue.

I do have the HTTP front end on HTTPS and the port has been changed to 4443 however I fail to see how that would cause a problem with the postfix configuration on the box as thats the web server and it shouldn't effect how postfix works.

I don't want to use a virtual as that defeats the object for me as I'm wanting to host my services on one machine and not on various virtuals on one machine which although in many cases can be a good solution it's not what I want currently.

[cedbobking]

I just received this as a private message..

Quote:

I see in this post you've recommended adding the Zimbra server IP to the MtaMyNetworks setting. That isn't correct, it should be the LAN subnet (e.g. 192.16.1..0/24) that is in that field.

If the Zimbra server IP is used it's possible for anyone connecting to the Zimbra server to use it as an open relay, that IP should never need to be added to that option.

As it is correct, and it points out potential confusion in my wording, I thought I'd share a detailed explanation of what I mean.

When I say server IP, I mean, at the very least, LAN IP of the server itself, which is part of the LAN subnet in the quote above. Personally, I don' t see why the LAN needs to SMTP messages to Zimbra. I think that everyone ought to use the web interface. For those who want something different, we accommodate Zimbra Outlook Connector, Zimbra Mobile or IMAP. We feel that leaving SMTP open is a bad thing and avoid it at all costs. We feel that the likelihood of a workstation being hijacked to create spam from the LAN to send to the outside world is pretty high. We don't want our Zimbra server to participate.

When we add other IPs to the list, it is for specific things, like the a scanner that can only "scan to email". In that case we only allow SMTP in from that particular device, not the LAN.

Back to your issue...

Since you seem to get the following your networking looks okay. Let me think about what else might be causing routing issues.

Code:

[zimbra@mail ~]$ telnet localhost smtp
Trying 127.0.0.1...
Connected to localhost.localdomain (127.0.0.1).
Escape character is '^]'.
220 mail.mydomain.org ESMTP Postfix
quit
221 2.0.0 Bye
Connection closed by foreign host.
[zimbra@mail ~]$ telnet telnet `hostname` smtp
Trying 66.255.3.135...
Connected to mail.mydomain.org (192.168.0.3).
Escape character is '^]'.
220 mail.mydomain.org ESMTP Postfix
quit
221 2.0.0 Bye
Connection closed by foreign host.
[zimbra@mail ~]$

Did you actually create a message?

Code:

[zimbra@mail ~]$ telnet `hostname` smtp
Trying 192.168.0.3...
Connected to mail.king-thompson.net (192.168.0.3).
Escape character is '^]'.
220 mail.mydomain.org ESMTP Postfix
HELO mail.mydomain.org
250 mail.mydomain.org
MAIL FROM:<cedric@mydomain.org>
250 2.1.0 Ok
RCPT TO:<cedric@mydomain.org>
250 2.1.5 Ok
DATA
354 End data with <CR><LF>.<CR><LF>
From: "Me" <cedric@mydomain.org>
To: Me <cedric@mydomain.org>
Date: today
Subject: Test message

Testing. Testing. 1.. 2.. 3.. Testing.

Cedric
.
250 2.0.0 Ok: queued as 308E2B9C021
QUIT
221 2.0.0 Bye
Connection closed by foreign host.
[zimbra@mail ~]$

This one popped immediately into my inbox.

I'll think about this when time allows and get back with you. Perhaps someone else will come up with suggestions that that might help in the meantime.

[pootle]

The issue is more a queue based thing than the server its self I believe.

I've just tried a really dirty fix to resolve this

I moved the default /etc/postfix to /etc/postfix.dead

and then tried to send a mail via the mail command

this failed as I expected complaining that it couldn't find master.cf

so I made a shambolic link (symbolic link ) to zimbras config directory

ln -s /opt/zimbra/postfix/conf/ /etc/postfix

i then ran mail again and fired it off to a hotmail account i have.

mail testaccount@hotmail.com

subject : test wazz
test mail
.

I then ran mailq and this time saw:

mail queue is empty

now the above is new because usually I'll see it stuck in the mail queue.

Finally I logged into hotmail and low and behold there was a mail there!

Now that seems to be a resolution but I wouldn't call it solved just yet. I'm guessing I need to do a diff between the two master.cf files and see whats going on with the delivery queue to resolve this.

Hopefully for now it'll do as a temporary fix and allow my hosted websites to dispatch mail for now.

[pootle]

I think I've stuffed something up during the installation because this is whats happening now;

I can send out going mail from a local account to the world , bonus!

However local user to local user fails and I believe that mail isn't routing internally and is going out into the ether....

so if i do

mail pootle
subject: root to poot
test mail
.

and then run mailq i see theres no mail queued

if i then log into the pootle account and type mail

theres nothing there! Although the symbolic link is doing something it's not actually working

I tried to set mydestinations to include the local machine by hostname as well as local host but zimbra just overwrites it everytype you do a postfix reload!

This is a really annoying problem as its not worked since the install and I'm pretty certain i did that correctly.

someone? anyone? I can't go much balder but I think i can safely say i've found of clump of hair to tear out over this!!

[pootle]

HAHA!!! SUCCESS!!!

I think i just solved it , it is an issue with the mydestination flag in postfix!

I did a quick search on here and found the following to be bloody useful in setting this up:

command : zmprov gacf zimbraMtaMyDestination
result : zimbraMtaMyDestination: localhost

the above displays the current settings and therefore I know my domains are missing!

command : zmprov mcf zimbraMtaMyDestination 'localhost, additional.domain.com'

command : zmprov gacf zimbraMtaMyDestination
result : zimbraMtaMyDestination: localhost, additional.domain.com
command: libexec/zmmtaconfig mta
command: postconf mydestination
result: mydestination = localhost, additional.domain.com


It now seems to work, local mail is going to local users and all mail domains can relay mail out to the internet as well! I believe this is fixed and once I've confirmed that local services are dispatching mail correctly I'll mark this as solved! The two steps seem to be the symbolic link and adding the domains.
I'll do more testing to confirm!