Relaying mails

[raui71]

Hello,

I've got Zimbra (Community Edition) running on a dabian-server with a fixed public IP. The server was told, to manage three non-commercial tld-domains. All of the config works fine, but not sending mails over port 25. The server is intended to act as a ISP-Server.

The users are not able to send mails, using the standard smtp-Port. They always get "relay access denied" after sending mail(s). Till now I didn't find a solution in the WIKI or in the forum that handles my problem (maybe I understood something wrong or I used the wrong words to search for).

I would appreciate getting some tips/links, what paramters in the config have to be changed, that allows me to send mails using this server.

If further informations are needed, pls let me know.

Regards
Raui

[uxbod]

Welcome to the forums

Are you running a Split DNS - Zimbra :: Wiki ? Please post the following information

Code:

cat /etc/hosts
cat /etc/resolv.conf
dig yourdomain mx
dig yourdomain any
host `hostname` <- note backticks and not single quotes

[phoenix]

Quote:

Originally Posted by raui71

The users are not able to send mails, using the standard smtp-Port. They always get "relay access denied" after sending mail(s).

Your users should not be using the standard Port 25 to relay mail, they should use the correct submission port which is 587 in their mail clients (that will require them to Authenticate to send mail). You should also look in the log files for details of the exact errors you're seeing.

[raui71]

@uxbod:

Here are the results:

Quote:

cat /etc/hosts
127.0.0.1 localhost.localdomain localhost
# Auto-generated hostname. Please do not remove this comment.
66.77.88.99 h1234567.server.net h1234567

cat /etc/resolv.conf
nameserver 11.12.13.14
nameserver 15.16.17.18


dig domain1.com mx
; <<>> DiG 9.4.2-P2 <<>> domain1.com mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7048
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; QUESTION SECTION:
;domain1.com. IN MX

;; ANSWER SECTION:
domain1.com. 1800 IN MX 10 domain1.com.

;; ADDITIONAL SECTION:
domain1.com. 1800 IN A 66.77.88.99

;; Query time: 40 msec
;; SERVER: *.*.*.7#53(*.*.*.7)
;; WHEN: Tue Nov 23 11:54:48 2010
;; MSG SIZE rcvd: 61


dig domain1.com any

; <<>> DiG 9.4.2-P2 <<>> domain1.com any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 50723
;; flags: qr rd ra; QUERY: 1, ANSWER: 5, AUTHORITY: 0, ADDITIONAL: 3

;; QUESTION SECTION:
;domain1.com. IN ANY

;; ANSWER SECTION:
domain1.com. 1800 IN NS ns2.server.net.
domain1.com. 1800 IN MX 10 domain1.com.
domain1.com. 1800 IN SOA ns.server.net. hostmaster.server.net. 2010111501 10000 14400 604800 1800
domain1.com. 1800 IN NS ns.server.net.
domain1.com. 1800 IN A 66.77.88.99

;; ADDITIONAL SECTION:
ns2.server.net. 1263 IN A 81.169.148.41
domain1.com. 1800 IN A 66.77.88.99
ns.server.net. 1263 IN A 81.169.163.40

;; Query time: 41 msec
;; SERVER: *.*.*.7#53(*.*.*.7)
;; WHEN: Tue Nov 23 11:55:23 2010
;; MSG SIZE rcvd: 207


host `hostname`
h1234567.server.net A 66.77.88.99

The server is a virtual-server (*.server.net), hosted by an ISP. We are limited in changing DNS-recordsets. Do have a suggestion, what we can do, to send mails over port 25? The result of dig on each domain (domain#.com), wich is registered on this server, is similar as shown above, except the name of the domain (domain1.com).



@phoenix:
The reason because of we are trying to be able to send mails over port 25 is, that the f***ing Microsoft Mail Clients (Outlook, Outlook Express, Live Mail) are not able to accept the selfsigned certs as thunderbird it does. Till now we didn't find a solution or a workaround, to suppress the "security"-warnings, which appear when sending/receiving mails by using the secure ports. If you can provide a solution, I would be greatful. In that case, I would prefer, as you suggest, that the mailusers uses the secure ports.

Regards
Raui