Zimbra 5 install on CentOS 5 / MX Record

[phoenix]

The ports question would depend what you want to expose to the outside world, there's a list in the wiki here. For instance, I only use https for the web UI (443), an IMAP client (993) and an extra submissions port (587) plus port 25. That should be all you need to use.

For the DNS you need to be careful what you specify, the zone you want is the domain name fairhavenchurch.org and not mail.fairhavenchurch.org The mail.fairhavenchurch.org is the FQDN (Fully Qualified Domain Name) of the server which consists of the server name (mail) and the domain name (fairhavenchurch.org), the distinction is important. When I first set-up Zimbra on my server I used the DNS in a Nutshell thread (specifically post 2 in there) to configure BIND as I wanted to use that DNS server for external resolution for my LAN machines.

Does that cover what you need to get started?

[uxbod]

If you are running your own DNS then you could also look at setting up internet/external views within BIND. Have a read of this BIND manual page

[MrBryce2000]

Ok, let me just explain the network setup. Maybe that will clear up some things.

I have a server that is the proxy server, filter, and firewall for the Internet access (Squid, Dansguardian, iptables). One NIC is the internal LAN, the other is the DSL (soon to be changed) connection to the outside. This server is currently the one that I planned to use for Zimbra. I have a smaller server that will be able to handle the Internet demands, which will make the Zimbra server now internal.

The address mail.fairhavenchurch.org currently points to an external POP3 email service. We want that to point to our Zimbra server to handle the email.

So, this is what I am thinking. If mail.fairhavenchurch.org will eventually point to the IP address of our DSL (69.xx.xx.xx), then I need to forward that traffic to the internal Zimbra server's IP address (192.168.xx.xx), right?

So, what ports do I need to forward in iptables, and what settings must I do in BIND?

I apologize for being so blunt, but my back is against a wall, and I need a straight answer if possible.

Thank you again! You've all been very helpful!

[uxbod]

From that the proposal by Phoenix will work just fine

[phoenix]

Quote:

Originally Posted by MrBryce2000

The address mail.fairhavenchurch.org currently points to an external POP3 email service.

You mean that you collect the email from this service vai POP3, it's just another mail server isn't it? Pointing the DNS records at your new Zimbra server will do just fine, I would suggest not making any external DNS changes until you have the Zimbra server working on your LAN, once you're happy it's working you can change the DNS.

Quote:

Originally Posted by MrBryce2000

So, what ports do I need to forward in iptables, and what settings must I do in BIND?

I thought my post above had answered those questions?

Quote:

Originally Posted by MrBryce2000

I apologize for being so blunt, but my back is against a wall, and I need a straight answer if possible.

Thank you again! You've all been very helpful!

OK, what timescale are you working to?

[MrBryce2000]

Aargh! Ok, the same problem still exists. Another server is now handling the Internet traffic, I followed the DNS in a Nutshell instructions, but Zimbra's sql server still won't resolve the name. I am totally confused!

I'm relatively new to setting up DNS in CentOS, so maybe I'm doing something wrong.

[phoenix]

So what you've done is install Zimbra on another CentOS5 server inside the LAN, is that correct? You've also made sure that the Firewall and SElinux are disabled on this server? Let's start with the obvious questions, what is the specification of this server? Do you have any errors in the Zimbra install logs? What do the foloowing show:

Code:

host `hostname`
dig yourdomain.com mx
dig yourdomain.com any

Post the details here and the DNS configuration files you used. When yopu post that information could you wrap each piece in 'Code' (just highlight a piece of text and hit the # symbol above) as it makes it easier to read.

[MrBryce2000]

This is the server that was handling the Internet traffic as well, but I moved that to another server. So this one is inside the LAN now. Yes, the firewall and SElinux are disabled.

The Zimbra install logs show an error connecting to the sql server. The zimbramyinit log shows that it could not conect because it could not resolve the hostname.

Thank you again for your help! I will get you the other information shortly. One possibly ignorant question, I set the hostname of my server (during the CentOS install) to mail.fairhavenchurch.org Would that cause an issue?

[phoenix]

Quote:

Originally Posted by MrBryce2000

Thank you again for your help! I will get you the other information shortly. One possibly ignorant question, I set the hostname of my server (during the CentOS install) to mail.fairhavenchurch.org Would that cause an issue?

Providing that your DNS records reflect the hostname and domain name there should be no problem. Please also post the details of your /etc/hosts file.

[MrBryce2000]

Ok, here is the information you requested:

Code:

[root@mail ~]# host 'mail.fairhavenchurch.org'
mail.fairhavenchurch.org has address 192.168.1.153

Code:

[root@mail ~]# dig fairhavenchurch.org mx

; <<>> DiG 9.3.3rc2 <<>> fairhavenchurch.org mx
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 26698
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 1

;; QUESTION SECTION:
;fairhavenchurch.org.           IN      MX

;; ANSWER SECTION:
fairhavenchurch.org.    38400   IN      MX      10 mail.fairhavenchurch.org.

;; AUTHORITY SECTION:
fairhavenchurch.org.    38400   IN      NS      mail.fairhavenchurch.org.

;; ADDITIONAL SECTION:
mail.fairhavenchurch.org. 38400 IN      A       192.168.1.153

;; Query time: 16 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Apr 20 16:45:51 2008
;; MSG SIZE  rcvd: 88

Code:

[root@mail ~]# dig fairhavenchurc.org any

; <<>> DiG 9.3.3rc2 <<>> fairhavenchurc.org any
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58926
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;fairhavenchurc.org.            IN      ANY

;; AUTHORITY SECTION:
org.                    0       IN      SOA     a0.org.afilias-nst.info. noc.afilias-nst.info. 2008132579 1800 900 604800 86400

;; Query time: 66 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sun Apr 20 16:46:42 2008
;; MSG SIZE  rcvd: 99

DNS Configuration files:

Code:

options {
	directory "/etc";
	pid-file "/var/run/named/named.pid";
};

zone "." {
	type hint;
	file "/etc/db.cache";
	};

controls {
	};
include "/etc/rndc.key";
zone "fairhavenchurch.org" {
	type master;
	file "/var/named/fairhavenchurch.org.hosts";
	};

Code:

$ttl 38400
@	IN	SOA	mail.fairhavenchurch.org. root.mail.fairhavenchurch.org. (
			2005110200
			10800
			3600
			604800
			38400 )
@	      IN	NS	mail.fairhavenchurch.org.
@             IN        MX     10 mail.fairhavenchurch.org.
@	      IN	A	192.168.1.153
mail IN        A       192.168.1.153
mail1       IN	      CNAME	mail
mail2       IN        CNAME     mail

HOSTS file:

Code:

# Do not remove the following line, or various programs
# that require network functionality will fail.
192.168.1.153	mail.fairhavenchurch.org	mail
localhost.localdomain	localhost	
::1	localhost6.localdomain6	localhost6

Thank you again so much for your help!