[SOLVED] Installation help - hostnames, domain names and DNS questions

[babysnake]

Hi

I'm a home user with a LAN of mixed M$ and linux clients and for a year or 2 now I've run an Axigen mailserver in my DMZ

It's been an OK rather than a good experience - problems with the mailserver falling over when I'm away and losing mail, plus *endless* issues with ClamAV implementation. Anyway thought I'd try ZCS now

One useful feature I need to retain is as follows. I have 4 users (me, wife, 2 kids) and I've set up MX records in such a way that any email address of the general form whatever@username.mydomain.com arrives on my mailserver and then is sorted using incoming SMTP rules into the correct mailbox

So now I want to move all that functionality over to ZCS. I've read lot's of howtos, wikis and the like and have even tried a test install (which needless to say didn't work, I'm sure coz I messed up on the DNS bit !) so I think I need a bit of help understanding all the nuances of installation

Here goes ...

I've set up the appropriate MX and A records with the ISP who hosts the 2 domains I want to receive mail for

Using online MX and DNS tools I can resolve any email address of the form whatever@user.mydomain.com to my fixed IP and DNS records seem to work too (dig lookups return either my ISP or OpenDNS nameservers) - so that seems OK

Question 1 - hostnames
The ZCS will ultimately collect mail for 2 domains. When I install the base OS (ubuntu 8.04 server) what hostname do I give the server - should it be simply mail, or mail.myfirst_domain.com, or even mail.mysecond_domain.com. ? It seems the ZCS install.sh trys an MX check during install and in my case it should find MX records for both mail.myfirst_domain.com and mail.mysecond_domain.com., so does it matter ?

Question 2 - DNS, DHCP
At the moment my mailserver sits in a DMZ and gets it's IP from the firewall/router via a MAC based DHCP fixed lease. The lease specifies the IP (natch !), the internal IP of the DMZ interface as the gateway and ditto as the DNS server. The firewall/router uses OpenDNS nameservers itself to resolves names and then caches these, acting as a local DNS server for all the LAN/DMZ clients.
However, I'm dead confused as to how I go about adding ZCS and a split DNS to this mix

Question 3 - user.mydomain.com
Where in the config can I set up an incoming filter to redirect mails of the form user.mydomain.com to the appropriate user mailbox ?

I think that's it - certainly if I get the first 2 going properly I'm 9/10 there

Thanks for all and any guidance

/neill

[uxbod]

Welcome to the forums

Well you can call your server whatever you like to be honest eg. zimbra.localdomain.net aslong as a MX and A record are resolvable via your internal split DNS.

If you are creating mailboxes for each of your family then why do you need filters ? If the account exists it will automatically be delivered to the correct mailbox.

[babysnake]

Thanks for the reply

With the server name thing i want it to end up as mail.mydomain.com to match the MX records. the bit i was getting lost with was that it seems that when the installer does the MX check it uses the hostname as the domain name for the check and then offers to change/update the record. when I did a test install i ended up with an MX record for a 6 part hostname !!

The filter bit stems from my experience with Axigen. That automatically sorts mail of the form user@mydomain.com which in effect gives me one email address or i have to manually assign and keep up to date with aliases. With the setup whatever@user.mydomain.com one can use anything at all you like before the @, the MX records get it to my mailserver and then an internal SMTP filter looks for the user part and does the mailbox sorting. That way when if an email becomes a spam trap I can just kill it easily

/neill

[uxbod]

Quote:

Originally Posted by babysnake

With the server name thing i want it to end up as mail.mydomain.com to match the MX records. the bit i was getting lost with was that it seems that when the installer does the MX check it uses the hostname as the domain name for the check and then offers to change/update the record. when I did a test install i ended up with an MX record for a 6 part hostname !!

That is why you will need to run a Wiki :: Split DNS architecture. That way you can call it what you like internally without it affecting externally. I presume you are port forwarding 25/80 or are you NATing ?

Quote:

Originally Posted by babysnake

The filter bit stems from my experience with Axigen. That automatically sorts mail of the form user@mydomain.com which in effect gives me one email address or i have to manually assign and keep up to date with aliases. With the setup whatever@user.mydomain.com one can use anything at all you like before the @, the MX records get it to my mailserver and then an internal SMTP filter looks for the user part and does the mailbox sorting. That way when if an email becomes a spam trap I can just kill it easily

Well, you still point the MX record at your host and if a email comes into a account that does not exist on your server then it will be rejected as recipient not found.

[babysnake]

Yep incoming to my Cisco box on 25 gets NAT'ted to the firewall Red interface and internally forwarded to 25 on the DMZ interface to which the mailserver is directly connected

I'll have another go through the Wiki/Split DNS again tonight and see how I get on

Thanks again

[babysnake]

As for the second bit can I determine how mails that are for 'unknown accounts' are handled rather than just bounced ?

what i want is:

user@mydomain.co.uk -> user mailbox

whatever_i_choose@user.mydomain.co.uk -> user mailbox

someone_weird@mydomain.co.uk -> unknown user -> bounce or whatever

/neill

[uxbod]

If the account is unknown then you could introduce a catch all account ? From there you could vet the email and either just dump it or slap it in the junk bin ?

[babysnake]

Hi

My ZCS Open Source Edition gets all my mail for my domain and works fine

I have MX records that point any mail of the general format:

anything_at_all@user.mydomain.com

to mydomain.com and then with a previous mailserver I was able to set up incoming SMTP rules that basically said "if you get a mail of the form @user.mydomain.com, redirect to "user's" mailbox and ignore the bit before @"

That worked really well and helped with filtering out junk and working out who'd sold on my email address

Now I've moved over to ZCS I'm struggling to work out how I get this same functionality

Can anyone advise ??

Thanks

/neill

[mmorse]

In your other thread uxbod is asking if you'd be ok with a catchall but you never replied...(we'll probably just merge these threads).

Some choices off the top of my head (though there's probably more): catchalls, postfix rules, recipient delimiters, aliases. (I'd personally user delimiters over catchalls to minimize spam, but if you really want any@user.domain.com to work...)

Catchalls:

Quote:

zmprov gd domain.com | grep zimbraId
zmprov cd user.domain.com zimbraDomainType alias zimbraMailCatchAllAddress @user.domain.com zimbraMailCatchAllForwardingAddress @domain.com zimbraDomainAliasTargetId zimbraIdOfDomain.com

If you've already created user.domain.com that's fine, see Managing Domains - Zimbra :: Wiki for how to modify.
Catchalls are a haven for spam though, as soon as a bot knows user.domain.com exists your out of luck/relying on spamassassin very heavily (I for one prefer smtpd_reject_unlisted_recipient=yes so that it checks against your actual account names; it's 'no' by default, but with catchalls a 'yes' won't help you because your getting all mail.)

You can create a user catchall though if you want to set up an account "unprocessed@user.domain.com" to catch any mail not delivered to existing users in the domain "user.domain.com", you can configure the account as a domain catchall.

Quote:

zmprov modifyAccount unprocessed@user.domain.com zimbraMailCatchAllAddress @domain.com

Then your checking 2 accounts, but you can just share a inbox folder with your actual username.

Postfix: Postfix Before-Queue Content Filter or Postfix Configuration - Address Manipulation or others.

Recipient delimiter:

Quote:

zmprov mcf zimbraMtaRecipientDelimiter +
zmcontrol stop
zmcontrol start

Let's you receive mail as user+amazon@domain.com
(Minus - and plus + are two common choices that work in most websites email forum fields.)
Then you can use preferences > filters to sort or discard mail to/cc contains user+amazon@domain.com

Aliases

Quote:

Just zmprov aaa user@domain.com alias@domain.com
then when done
zmprov raa user@domain.com alias@domain.com

Obviously the downside is you'd have to hop on the admin UI or console each time though.

Better yet, random self-generated disposable addresses (even the possibility of time based) - vote for these RFE's:
Bug 28341 - Enduser provisoning and use of anonymous mailboxes
Bug 17404 - Allow users to create aliases for themselves

---
You could combine the above:
Do a 'not-found user catchall' account > share folders with actual account, and turn on recipient delimiter.
So now you have say books+amazon@user.domain.com (where your real account is user@domain.com).
You could also set some filters in the unprocessed@ account to forward any known good mail automatically to the actual account.

[babysnake]

Apologies for not replying about catchalls - i didn't intend to be rude, my bad

Mu understanding of catchall accounts is that anything that would normally get bounced would instead end up in a catchall account

That would work to some degree but isn't really what I'm after

/neill