Send Problem after Upgrade

[KevinH]

Your first post is from /opt/zimbra/log/zimbra.log. That's the tomcat log. I'm asking you to check the POSTFIX log. /var/log/zimbra.log

Please check that log. What did you change in mynetworks?

[tbullock]

Commenting out the 'mynetworks =' statement is a selfish way to fix it

I have 5 subnets here.....now only the one local to zimbra can send out. It will view all other subnets as remote.

Hmmmm.....what am I missing here?

[tbullock]

Sorry for messing up the 'logs'. I did not realize there was another log being written to in 'var'....hang on....lemme check:

May 25 09:39:16 webmail postfix/smtpd[8799]: NOQUEUE: reject: RCPT from localhost.localdomain[127.0.0.1]: 554 <tbullock@telusplanet.net>: Relay access denied; from=<tbullock@avmax.ca> to=<tbullock@telusplanet.net> proto=ESMTP helo=<webmail.avmax-internal.net>

That is one of the standard rejections in /var/log/zimbra.log

[KevinH]

Ok I see the problem, we don't ship a main.cf we make modifications to postfix by using postconf (this writes out a main.cf), by you editing main.cf and/or copying your version over the customized version it's breaking things. If you need to make changes for mynetworks just set zimbraMtamynetworks LDAP attr on the server object rather than editing main.cf.

[tbullock]

Kevin and Company,

Here is what was happening. I am still not 100% that I have things configured to acceptal networking standards or not. And I am still at a loss as to why the GAL is only showing Last Names.

However, as far as the not being able to send from a Zimbra Web Interface the story goes like this:

1. I have 5 subnets on my LAN/WAN. The Zimbra server lives on: 10.2.0.0/20
2. I added to the main.cf the following entry as the upgrade overwrote my previous main.cf:
mynetworks = 10.2.0.0/20, 10.2.16.0/20, 10.2.32.0/20, 10.3.0.0/20, 10.4.0.0/20, 10.0.0.0/16
3. I tried this with and without commas
4. This allowed all my remote subnet users to use their Outlook clients (the diehards) to successfully send e-mail to anywhere
5. Me being a web interface kind of guy was unable send to external addresses.
6. I srewed around with a whole whack of settings to no avail. I cannot even remember half of the things I tried.
7. Eventually, I commented out the 'mynetworks' statement. I could then send from my web interface, but the other 4 subnets obviously began failing.
8. I removed the local subnet (10.2.0.0/20) from the entry: and reloaded postfix. This did not work.
9. I added 127.0.0.1 and I believe it is now working.
10. Mynetworks now reads: mynetworks = 127.0.0.1 10.2.16.0/20 10.2.32.0/20 10.3.0.0/20 10.4.0.0/20 10.0.0.0/16

So I am thinking now, that I should not need to have 127.0.0.1 listed but rather I have something else configured incorrectly after the upgrade that is forcing me to add it.

That is my sad story.

Thank you for your help and I apologize for the cross post.

Cheers,

Travis

[tbullock]

Ouch....so is my main.cf now completely buggered?

[tbullock]

Ok I see the problem, we don't ship a main.cf we make modifications to postfix by using postconf (this writes out a main.cf), by you editing main.cf and/or copying your version over the customized version it's breaking things. If you need to make changes for mynetworks just set zimbraMtamynetworks LDAP attr on the server object rather than editing main.cf.

I am a little bit in the dark in regards to the 'set zimbraMtamynetworks LDAP attr on the server object' part.

I have to go right now, but would like to get some clarification on that tomorrow if possible.

Cheers,

Travis

[jholder]

Yup, you wrote over your good config.

I don't think it's a HUGE issue though. Do you have any backups from prior to the change? If so, extract it, and restore it.

Can you post main.cnf????

If not, go to the wiki and follow the instructions for a backup and restore. That may fix all your changes.

John
FYI: referring to your post: Panic Setting In, it's okay. One time I made a BIG boo boo. I erased zimbra and all my backups while ZCS WAS RUNNING!!!

Mind you, we had some serious stuff in e-mail. I work for a school, and we were involved in litigation with some people, and those e-mails had been subpoenaed. About a week later, I was called into court and cited for obstruction of justice. That’s when you panic….

I am a little bit in the dark in regards to the 'set zimbraMtamynetworks LDAP attr on the server object' part.

I have to go right now, but would like to get some clarification on that tomorrow if possible.

Cheers,

Travis

[tbullock]

wannabetenor,

Here is my main.cf:

content_filter = smtp-amavis:[127.0.0.1]:10024
myhostname = webmail.avmax-internal.net
recipient_delimiter =
smtpd_sasl_auth_enable = yes
smtpd_tls_auth_only = yes
smtpd_use_tls = yes
disable_dns_lookups = no
message_size_limit = 20480000
relayhost =
mynetworks = 127.0.0.1 10.2.0.0/20 10.2.16.0/20 10.2.32.0/20 10.3.0.0/20 10.4.0.0/20 10.0.0.0/16
smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_unauth_destination, permit
alias_maps = hash:/etc/aliases
broken_sasl_auth_clients = yes
command_directory = /opt/zimbra/postfix-2.2.9/sbin
daemon_directory = /opt/zimbra/postfix-2.2.9/libexec
header_checks = pcre:/opt/zimbra/conf/postfix_header_checks
mailq_path = /opt/zimbra/postfix-2.2.9/sbin/mailq
manpage_directory = /opt/zimbra/postfix-2.2.9/man
newaliases_path = /opt/zimbra/postfix-2.2.9/sbin/newaliases
queue_directory = /opt/zimbra/postfix-2.2.9/spool
sender_canonical_maps = ldap:/opt/zimbra/conf/ldap-scm.cf
sendmail_path = /opt/zimbra/postfix-2.2.9/sbin/sendmail
smtpd_client_restrictions = reject_unauth_pipelining
smtpd_data_restrictions = reject_unauth_pipelining
smtpd_helo_required = yes
smtpd_tls_cert_file = /opt/zimbra/conf/smtpd.crt
smtpd_tls_key_file = /opt/zimbra/conf/smtpd.key
smtpd_tls_loglevel = 3
transport_maps = ldap:/opt/zimbra/conf/ldap-transport.cf
version = 2.2.9
virtual_alias_domains = ldap://opt/zimbra/conf/ldap-vad.cf
virtual_alias_maps = ldap:/opt/zimbra/conf/ldap-vam.cf
virtual_mailbox_domains = ldap:/opt/zimbra/conf/ldap-vmd.cf
virtual_mailbox_maps = ldap:/opt/zimbra/conf/ldap-vmm.cf
virtual_transport = error

So what is the proper procedure for editing this file?

I do not have any backups prior to the upgrade *smack*....

The only change I made to the main.cf was to add the 'mynetworks' statement. I still think it is odd that I would have to include both the local subnet (10.2.0.0/20 that Zimbra lives on) and the 127.0.0.1 network to this statement. Well maybe not so much the local......but definitely having to include the loopback is strange is it not?

Have you read the issue I am having with the GAL? Any thoughts on that?

Cheers,

Travis

[KevinH]

To add the zimbraMtaMynetworks LDAP attr you need to use zmprov. So like:

zmprov ms SERVERNAME zimbraMtaMynetworks MYNETWORKS

Not sure on the GAL issue. Can you verify that in the Admin UI you have it set to internal?