Problem on security policy

[jskim]

Hello,


My company has been using Zimbra (version 6.0.6) as email server. I have a lot of works in my company such as managed email server, programming coding, etc.

I have a question about Zimbra.
- Zimbra can’t receive email message about special domain name (e.g., xxx@sk.com, yyy@skcomms.com, zzz@skcc.co.kr, and aaa@neoplus.co.kr, etc.). That is, Zimbra is able to send mail (i.e., outgoing mail) from my company to outside. However, Zimbra is not able to receive mail (i.e., incoming mail) from outside to my company. I don’t know how to control Zimbra. If you know that, please let me know that.

[Error Message]
The mail server (mail.metaoooo.co.kr) can’t receive email message from xxx@sk.com, yyy@skcomms.com, zzz@skcc.co.kr, and aaa@neoplus.co.kr. Microsoft Exchanger can’t receive the message for customer because of problem on security policy.


Okay, I am looking to hearing from you soon.
Thanks.

Sincerely,


Kim, J.S.


P.S.: I attached zmlocalconfig of Zimbra.

[phoenix]

Please update your forum profile with the output of the following command (do not post the output in this thread):

Code:

zmcontrol -v

You zmlocalconfig file is of no use in debugging your problem, you should look in the log files and see what errors you received when the attempt was made to deliver an email from those servers.

I've also never seen the error messages you've posted, where did it come from? It's also out-of-context and doesn't necessarily show what the problem is.

[jskim]

Hi, Bill


I have a received your message. Thanks.
I checked your advice.

First, zmcontrol –v

[zimbra@mail log]$ zmcontrol -v

Release 6.0.6_GA_2324.RHEL5_20100406144520 CentOS5 FOSS edition.


Second, I checked zimbra.log (/var/log/zimbra.log). Unfortunately, I have not confirmed to receive aaa@neoplus.co.kr, bbb@skcc.co.kr, ccc@sk.com, and ddd@skcomms.com in zimbra.log. For more details, these emails are email address of internal company.

I have the same thing your thinking that this situation can never occurred. I wonder to able normal action how to control Zimbra. I would like to receive these emails as soon as quickly.

------------------------------------------------------
Best regards

Kim, J.S.

P.S. : I attached zimbra.log(partial log).

[phoenix]

Quote:

Originally Posted by jskim

[zimbra@mail log]$ zmcontrol -v

Release 6.0.6_GA_2324.RHEL5_20100406144520 CentOS5 FOSS edition.

That information needs to go in your forum profile so we don't have to keep asking which version of Zimbra you're running.

Quote:

Originally Posted by jskim

Second, I checked zimbra.log (/var/log/zimbra.log). Unfortunately, I have not confirmed to receive aaa@neoplus.co.kr, bbb@skcc.co.kr, ccc@sk.com, and ddd@skcomms.com in zimbra.log. For more details, these emails are email address of internal company.

What server did the initial error message you posted come from? Was it from your Zimbra server, an external server or another server on your LAN? If it's from another server, how did you get it? Have you disabled SElinux on your Zimbra server?

[veronica]

Somehow I couldnt locate MX record for these domains: -

> skcomms.com
Server: ns1-blr3.eng.vmware.com
Address: 10.112.0.1

skcomms.com
primary name server = ns1.livedns.co.uk
responsible mail addr = administrator.skcomms.com
serial = 2010102212
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
default TTL = 86400 (1 day)
>

[jskim]

Hi, Veronica


I have a received your message, Thanks.
I have a few questions. Can you explain to me? Please…..

1. How to be configured MX record? Actually, I try to check to locate MX record for these domains(aaa@neoplus.co.kr, bbb@skcc.co.kr, ccc@sk.com, and ddd@skcomms.com). However, I don’t know how to be configured MX record.


Response Veronica >>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>>
Somehow I couldnt locate MX record for these domains: -

> skcomms.com
Server: ns1-blr3.eng.vmware.com
Address: 10.112.0.1

skcomms.com
primary name server = ns1.livedns.co.uk
responsible mail addr = administrator.skcomms.com
serial = 2010102212
refresh = 10800 (3 hours)
retry = 3600 (1 hour)
expire = 604800 (7 days)
default TTL = 86400 (1 day)


2. I read incoming mail problems (Incoming Mail Problems - Zimbra :: Wiki) through Web. Like incoming mail problems, I changed to un-checked “enable DNS Lookups” on the MTA tab under Server configuration on the Zimbra Admin console. This requires a relay MTA to be configured somewhere that will accept all outbound email. However, Our Co. Zimbra couldn’t be implemented normal operation such as incoming/outcoming email. Why couldn’t be implemented normal operation?


If you know that, please let me know that.


------------------------------------------------------
Best regards

Kim, J.S.

P.S. : I attached image file about un-checked “enable DNS Lookups” on the MTA tab.