| Welcome to the Zimbra :: Forums! | |
Welcome, if you would like to post a comment please register.
We also encourage you to explore all things Zimbra with our team and members of the community.
|
 | | 
02-26-2009, 06:45 PM
| | | 
Quote:
Originally Posted by cucs8  Although I do have to question your intent on both of these servers acting independently. You accidentally posted your real SMTP namespace a couple posts back and performing a public lookup on your domain shows that both servers are/will be serving the same SMTP namespace. The MX record for mail.mydomain.net has a preference of 10 and mail2.mydomain.net has a preference of 20. If you configure both servers independently, most external email addressed to @mydomain.net is going to be delivered to mail.mydomain.net. If the destined mailbox resides on mail2.mydomain.net instead, those emails are going to NDR as mail.mydomain.net is going to respond "that mailbox is not on my server" and it doesn't know to forward to to mail2.mydomain.net because they aren't configured to share the same namespace using the split domain configuration referenced early on in this thread. | By the way, i have no problems with the mail delivery going to mail2.mydomain.net
There's no problem in the delivery of mails to Zimbra (mail2.mydomain.net / 192.168.1.253)
The problem is i cannot send mail to MDaemon server (mail.mydomain.net / 172.16.0.252 / 192.168.1.252) from Zimbra. But Zimbra can accept mails from Mdaemon. This happens when the Relay MTA is blank.
Once the Relay MTA is filled with the IP of the Mdaemon server (172.16.0.252 or 192.168.1.252), the delivery from Zimbra to Mdaemon gets okay.
When I try to put the IP or FQDN of the Zimbra server to the Relay MTA field, it says it's bouncing back or pointing to same source.
What's with "Relay MTA" feature that makes it work and prevents it when this is left blank?
See below; Quote: Log detail with successful sending (using Zimbra's Relay MTA)
Feb 18 18:00:30 mail2 postfix/smtpd[21263]: connect from localhost[127.0.0.1]
Feb 18 18:00:30 mail2 postfix/smtpd[21263]: 04759126917: client=localhost[127.0.0.1]
Feb 18 18:00:30 mail2 postfix/cleanup[21863]: 04759126917: message-id=<14097701.1081234951229862.JavaMail.root@mail2>
Feb 18 18:00:30 mail2 postfix/qmgr[15289]: 04759126917: from=, size=1398, nrcpt=1 (queue active)
Feb 18 18:00:30 mail2 postfix/smtpd[21263]: disconnect from localhost[127.0.0.1]
Feb 18 18:00:30 mail2 amavis[16129]: (16129-02) ESMTP::10024 /opt/zimbra/data/amavisd/tmp/amavis-20090218T175853-16129: -> SIZE=1398 Received: from mail2.xxxxxxxxxxxxxxx.net ([127.0.0.1]) by localhost (mail2.xxxxxxxxxxxxxxx.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for ; Wed, 18 Feb 2009 18:00:30 +0800 (PHT)
Feb 18 18:00:30 mail2 amavis[16129]: (16129-02) Checking: NJKgwBrFuqch [127.0.0.1] ->
Feb 18 18:00:32 mail2 postfix/smtpd[21867]: connect from localhost[127.0.0.1]
Feb 18 18:00:32 mail2 postfix/smtpd[21867]: 6AFF3126918: client=localhost[127.0.0.1]
Feb 18 18:00:32 mail2 postfix/cleanup[21863]: 6AFF3126918: message-id=<14097701.1081234951229862.JavaMail.root@mail2>
Feb 18 18:00:32 mail2 postfix/qmgr[15289]: 6AFF3126918: from=, size=1860, nrcpt=1 (queue active)
Feb 18 18:00:32 mail2 postfix/smtpd[21867]: disconnect from localhost[127.0.0.1]
Feb 18 18:00:32 mail2 amavis[16129]: (16129-02) FWD via SMTP: -> ,BODY=7BIT 250 2.6.0 Ok, id=16129-02, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 6AFF3126918
Feb 18 18:00:32 mail2 amavis[16129]: (16129-02) Passed CLEAN, LOCAL [127.0.0.1] [127.0.0.1] -> , Message-ID: <14097701.1081234951229862.JavaMail.root@mail2>, mail_id: NJKgwBrFuqch, Hits: -4.309, size: 1397, queued_as: 6AFF3126918, 2136 ms
Feb 18 18:00:32 mail2 postfix/smtp[21864]: 04759126917: to=, relay=127.0.0.1[127.0.0.1]:10024, delay=2.5, delays=0.35/0/0.01/2.1, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 6AFF3126918)
Feb 18 18:00:32 mail2 postfix/qmgr[15289]: 04759126917: removed
Feb 18 18:00:32 mail2 postfix/smtp[21871]: 6AFF3126918: to=, relay=mail.xxxxxxxxxxxxxxx.net[172.16.0.252]:25, delay=0.12, delays=0.06/0/0.05/0.02, dsn=2.0.0, status=sent (250 Ok, message saved )
Feb 18 18:00:32 mail2 postfix/qmgr[15289]: 6AFF3126918: removed
Log detail for CONNECTION REFUSED (not using Zimbra's Relay MTA)
Feb 18 17:43:16 mail2 postfix/smtpd[13635]: connect from localhost[127.0.0.1]
Feb 18 17:43:16 mail2 postfix/smtpd[13635]: 70EBC126919: client=localhost[127.0.0.1]
Feb 18 17:43:16 mail2 postfix/cleanup[13637]: 70EBC126919: message-id=<27437210.841234950196299.JavaMail.root@mail2>
Feb 18 17:43:16 mail2 postfix/qmgr[13618]: 70EBC126919: from=, size=1394, nrcpt=1 (queue active)
Feb 18 17:43:16 mail2 postfix/smtpd[13635]: disconnect from localhost[127.0.0.1]
Feb 18 17:43:16 mail2 amavis[32549]: (32549-03) ESMTP::10024 /opt/zimbra/data/amavisd/tmp/amavis-20090218T172429-32549: -> SIZE=1394 Received: from mail2.xxxxxxxxxxxxxxx.net ([127.0.0.1]) by localhost (mail2.xxxxxxxxxxxxxxx.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for ; Wed, 18 Feb 2009 17:43:16 +0800 (PHT)
Feb 18 17:43:16 mail2 amavis[32549]: (32549-03) Checking: mr5X7Mxr-9df [127.0.0.1] ->
Feb 18 17:43:17 mail2 postfix/smtpd[13640]: connect from localhost[127.0.0.1]
Feb 18 17:43:17 mail2 postfix/smtpd[13640]: 7746512691B: client=localhost[127.0.0.1]
Feb 18 17:43:17 mail2 postfix/cleanup[13637]: 7746512691B: message-id=<27437210.841234950196299.JavaMail.root@mail2>
Feb 18 17:43:17 mail2 postfix/qmgr[13618]: 7746512691B: from=, size=1856, nrcpt=1 (queue active)
Feb 18 17:43:17 mail2 postfix/smtpd[13640]: disconnect from localhost[127.0.0.1]
Feb 18 17:43:17 mail2 amavis[32549]: (32549-03) FWD via SMTP: -> ,BODY=7BIT 250 2.6.0 Ok, id=32549-03, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 7746512691B
Feb 18 17:43:17 mail2 amavis[32549]: (32549-03) Passed CLEAN, LOCAL [127.0.0.1] [127.0.0.1] -> , Message-ID: <27437210.841234950196299.JavaMail.root@mail2>, mail_id: mr5X7Mxr-9df, Hits: -4.302, size: 1393, queued_as: 7746512691B, 1014 ms
Feb 18 17:43:17 mail2 postfix/smtp[13638]: 70EBC126919: to=, relay=127.0.0.1[127.0.0.1]:10024, delay=1.1, delays=0.04/0.01/0/1, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 7746512691B)
Feb 18 17:43:17 mail2 postfix/qmgr[13618]: 70EBC126919: removed
Feb 18 17:43:17 mail2 postfix/smtp[13641]: connect to xxxxxxxxxxxxxxx.net[192.168.1.250]: Connection refused (port 25)
Feb 18 17:43:17 mail2 postfix/smtp[13641]: connect to xxxxxxxxxxxxxxx.net[10.10.10.250]: Connection refused (port 25)
Feb 18 17:43:17 mail2 postfix/smtp[13641]: connect to xxxxxxxxxxxxxxx.net[172.16.0.250]: Connection refused (port 25)
Feb 18 17:43:17 mail2 postfix/smtp[13641]: 7746512691B: to=, relay=none, delay=0.05, delays=0.01/0.02/0.02/0, dsn=4.4.1, status=deferred (connect to xxxxxxxxxxxxxxx.net[172.16.0.250]: Connection refused) | By the way, how can i force my Linux box or Zimbra to point to the correct mail1 server whenever I send a mail to that mail1 server?
Thank you very much again for all your efforts, by the way.
Last edited by emcampos; 02-26-2009 at 06:57 PM..
|
02-27-2009, 11:12 AM
| | Zimbra Consultant & Moderator | |
Posts: 20,316
| |
As cucs8 pointed out earlier, you have no valid MX record pointing to the domain on your Zimbra server. Code: $ dig mydomain.net mx This is your domain name and has no valid records, see ths DNS response below. Code: ; <<>> DiG 9.4.2 <<>> mydomain.net mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 17582
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;mydomain.net. IN MX
;; AUTHORITY SECTION:
mydomain.net. 3600 IN SOA pdc.mydomain.net. hostmaster. 35722 900 600 86400 3600
;; Query time: 338 msec
;; SERVER: 192.168.1.250#53(192.168.1.250)
;; WHEN: Thu Feb 26 17:30:28 2009
;; MSG SIZE rcvd: 82 Code: $ dig mail.mydomain.net mx This is a subdomain and gives a valid records but your Zimbra server is not in this subdomain hence the problem above. Code: ; <<>> DiG 9.4.2 <<>> mail.mydomain.net mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28017
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;mail.mydomain.net. IN MX
;; ANSWER SECTION:
mail.mydomain.net. 3600 IN MX 10 mail.mydomain.net.
;; ADDITIONAL SECTION:
mail.mydomain.net. 3600 IN A 172.16.1.252
;; Query time: 0 msec
;; SERVER: 192.168.1.250#53(192.168.1.250)
;; WHEN: Thu Feb 26 17
__________________
Regards
Bill
|
02-28-2009, 04:54 PM
| | |
Quote:
Originally Posted by hagiwhat Why are two mail hosts defined in /etc/hosts ? really not sure what you are trying to do. | this has been fixed already.
now at ;
zimbra@mail2:/home/boss$ cat /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.1.253 mail2.mydomain.net mail2
BUT SAME THING HAPPENS. It has no effect at all as expected. Anyway, the Zimbra checks DNS server first before looking at etc/hosts file.
In the DNS server, the MX records of mail1 and mail2 servers are well represented.
I believe it's the bug with Zimbra. Can someone help me understand HOW ZIMBRA'S RELAY MTA WORKS? Maybe we can all take it from there since when I fill up the Relay MTA field with the IP of the mail server 1, Zimbra can now send mail to the mail1 server. Before we get lost let's review these concerns;
1) PROBLEM: When Relay MTA is blank, Zimbra (2nd mail server) cant send mail to Mdaemon (1st mail server), but Mdaemon can send mail to Zimbra. But no problem on inbound and outbound traffic for Yahoo Mail as well Zimbra's own.
2) When Zimbra's Relay MTA is filled with IP of Mdaemon, Zimbra can now send mail to Mdaemon.
3) Both servers's MX record (Mdaemon @ 172.16.0.252 / ZImbra @ 192.168.1.253) are represented in the local DNS server (192.168.1.3). Nslookup on
mail.mydomain.net and mail2.mydomain.net confirms this.
4) MAIN OBJECTIVE: Make Zimbra fully independent from MDaemon (not relying on Relay MTA, thru Mdaemon, for sending mail of any kind)
Fellows, I am getting disgusted about why not one from Zimbra can answer me that question which I've have already asked 3 times already.
Bottomline is, its a bug in Zimbra's...since i was not bothered by this when I installed SquirrelMail with all the same configurations. Bottomline, .... it's ZIMBRA'S BUG .... and RELAY MTA is where the answer lies.
So, what's with Relay MTA?
Last edited by emcampos; 02-28-2009 at 07:29 PM..
|
03-02-2009, 06:31 AM
| | Intermediate Member | |
Posts: 17
| |
I'm not sure how I can spell it out any clearer than I have previously. You do not have an MX record for mydomain.net on your internal DNS servers. You have MX records for mail.mydomain.net and mail2.mydomain.net. An MX exists for an SMTP domain and returns the address of the server that serves it. Right now your MX record for the Mdaemon server is defined for the SMTP address spaces @mail.mydomain.net. You have to delete that MX record and re-add it for @mydomain.net, not @mail1.mydomain.net.
Let's review your concerns:
1.) I already hit on this above. When the MTA Relay is blank, Zimbra will perform a lookup for the MX record for @mydomain.net. Right now you do not have an MX record for @mydomain.net. When an email arrives locally or originates for @mydomain.net, Zimbra says "I don't host any mailboxes for @mydomain.net so I'm going to look for an MX record for @mydomain.net." Only the DNS server that hosts @mydomain.net says "Ummm, sorry, I don't have an MX record for @mydomain.net" so Zimbra then checks the A records for @mydomain.net and of course fails because none of the A records for @mydomain.net host a mail server.
2.) Think of MTA Relay as a forwarder. When an email comes in to the Zimbra server, it's going to first check to see if there is a local mailbox for the destination email address. If a mailbox doesn't exist, it will forward that email to the MTA Relay server. This is why it works when you fill in the Mdaemon address here. Because an email arrives locally or originates for @mydomain.net, Zimbra says "I don't host any mailboxes for @mydomain.net so I'm forwarding them to the MTA Relay server." The email is then delivered to Mdaemon who says "yes I host mailboxes for @mydomain.net" and the email is delivered to the local mailbox on Mdaemon. The MX record for @mydomain.net does not come into play here.
3.) This is your problem. You have MX records for the SMTP domain namespaces @mail.mydomain.net and @mail2.mydomain.net. But where is the MX record for @mydomain.net???
4.) You have to create an internal MX record for @mydomain.net and you're good to go.
As evidenced by all the information you have presented, this is not a bug in Zimbra. You are clearly getting confused on how the MX record should exist for the Mdaemon server. You have it created for the SMTP namespace @mail.mydomain.net and not @mydomain.net. Your public MX records are correct as they reference the external public address of the servers. It's your internal DNS that does not have MX records set up correctly.  |
03-02-2009, 06:32 AM
| | |
Quote:
Originally Posted by emcampos Bottomline, .... it's ZIMBRA'S BUG .... and RELAY MTA is where the answer lies. | It's not a bug but your understand of DNS and how it works  We are trying to help you get it up and running 
__________________  |
03-02-2009, 07:05 PM
| | |
Quote:
Originally Posted by cucs8 I'm not sure how I can spell it out any clearer than I have previously. You do not have an MX record for mydomain.net on your internal DNS servers. You have MX records for mail.mydomain.net and mail2.mydomain.net. An MX exists for an SMTP domain and returns the address of the server that serves it. Right now your MX record for the Mdaemon server is defined for the SMTP address spaces @mail.mydomain.net. You have to delete that MX record and re-add it for @mydomain.net, not @mail1.mydomain.net.
Let's review your concerns:
1.) I already hit on this above. When the MTA Relay is blank, Zimbra will perform a lookup for the MX record for @mydomain.net. Right now you do not have an MX record for @mydomain.net. When an email arrives locally or originates for @mydomain.net, Zimbra says "I don't host any mailboxes for @mydomain.net so I'm going to look for an MX record for @mydomain.net." Only the DNS server that hosts @mydomain.net says "Ummm, sorry, I don't have an MX record for @mydomain.net" so Zimbra then checks the A records for @mydomain.net and of course fails because none of the A records for @mydomain.net host a mail server.
2.) Think of MTA Relay as a forwarder. When an email comes in to the Zimbra server, it's going to first check to see if there is a local mailbox for the destination email address. If a mailbox doesn't exist, it will forward that email to the MTA Relay server. This is why it works when you fill in the Mdaemon address here. Because an email arrives locally or originates for @mydomain.net, Zimbra says "I don't host any mailboxes for @mydomain.net so I'm forwarding them to the MTA Relay server." The email is then delivered to Mdaemon who says "yes I host mailboxes for @mydomain.net" and the email is delivered to the local mailbox on Mdaemon. The MX record for @mydomain.net does not come into play here.
3.) This is your problem. You have MX records for the SMTP domain namespaces @mail.mydomain.net and @mail2.mydomain.net. But where is the MX record for @mydomain.net???
4.) You have to create an internal MX record for @mydomain.net and you're good to go.
As evidenced by all the information you have presented, this is not a bug in Zimbra. You are clearly getting confused on how the MX record should exist for the Mdaemon server. You have it created for the SMTP namespace @mail.mydomain.net and not @mydomain.net. Your public MX records are correct as they reference the external public address of the servers. It's your internal DNS that does not have MX records set up correctly. | Actually, im focusing on that aspect now.
Thank you very much again.
As for changing the MX record in the local DNS, i m not sure about it. The DNS in the Windows 2003 server asked for the FQDN, which is mail.mydomain.net. The DNS and mail server are in separate boxes. I was not the one who configured it though. It's there before I got in. Anyway, we thought this was okay since SquirrelMail working with Mdaemon was okay. In the local DNS that is on Windows 2003 server, it asks for the fqdn of the mail server. We cant simply put mydomain.net. Is there a workaround to fix this MX match up with mydomain.net?
Doing a DIG against the ISP's DNS for mydomain.net is okay and gives the MX records for both servers for mydomain.net. But for the local DNS, it's not. Unless, you specify the fqdn (dig mail.mydomain.net mx) in the DIG command.
By the way, I know that MTA serves like a forwarder. What I would want to know is how does this Relay MTA feature do it?
Does it bypass DNS and directly route the traffic to the right server?
Or does it pass the traffic via another port so the DNS (in this case 192.168.1.250) will not treat it as the usual SMTP traffic and perhaps looking at the DNS record for an MX entry for this traffic?
Last edited by emcampos; 03-02-2009 at 07:18 PM..
|
03-02-2009, 08:25 PM
| | |
FINAL RESULT: Problem is fixed!
I was right all along that Mr. CUCS8 is resonating with my concerns.
I followed his advise on the DNS. Eventually, i got it fixed by fixing our DNS.
Actually, the old setting was okay even when our second email server was put up (SquirrelMail).
It was only when we tried Zimbra for SquirrelMail that we had this Relay MTA problem.
The DIG command on the MX records is indeed very helpful.
I simply added a new entry in the local DNS and it's now okay. Mr. CUCS8 should be promoted to moderator status for his excellent job!
Thank you so much , dude!
By the way, for the other Zimbra users who have this same question, here is the summary; MAKING ZIMBRA RUNNING AS SECOND SERVER with the following factors;
1) Served by a local/internal DNS
- both mail servers have private IPs and is bound to a public IP via NAT.
2) ISP's DNS (external DNS) have the entry for both servers MX records.
3) Relay MTA is disabled (left blank)
- this makes it fully independent from first mail server since no forwarding of SMTP traffic is done.
4) First email server is "@mydomain.net" namespace
5) Second server (Zimbra) is in "@mail2.mydomain.net" namespace. THINGS TO LOOK AT;
1) etc/hosts file
only entry for Zimbra server is present with ist private IP
2) etc/resolv.conf
nameserver is pointed to local DNS
3) DNS must resolve dig for MX correctly
"dig @localdns.xxx mx"
must result to a positive mx find. see below; DIG for mail server 1 Quote:
zimbra@mail2:/home/boss$ dig @192.168.1.250 mydomain.net mx
; <<>> DiG 9.4.2 <<>> @192.168.1.250 mydomain.net mx
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41007
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;mydomain.net. IN MX
;; ANSWER SECTION:
mydomain.net. 3600 IN MX 14 mail.mydomain.net.
;; ADDITIONAL SECTION:
mail.mydomain.net. 3600 IN A 172.16.1.252
;; Query time: 51 msec
;; SERVER: 192.168.1.250#53(192.168.1.250)
;; WHEN: Tue Mar 3 12:20:32 2009
;; MSG SIZE rcvd: 69
| DIG for Zimbra server Quote:
zimbra@mail2:/home/boss$ dig @192.168.1.250 mail2.mydomain.net mx
; <<>> DiG 9.4.2 <<>> @192.168.1.3 mail2.mydomain.net mx
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13156
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;mail2.mydomain.net. IN MX
;; ANSWER SECTION:
mail2.mydomain.net. 3600 IN MX 12 mail2.mydomain.net.
;; ADDITIONAL SECTION:
mail2.mydomain.net. 3600 IN A 192.168.1.253
;; Query time: 0 msec
;; SERVER: 192.168.1.3#53(192.168.1.250)
;; WHEN: Tue Mar 3 12:20:40 2009
;; MSG SIZE rcvd: 70
zimbra@mail2:/home/boss$
| by the way, if enabling the Relay MTA doesnt matter to you, then just do so to make your traffic get through.
Last edited by emcampos; 03-02-2009 at 08:46 PM..
| | Thread Tools | Search this Thread | | | | | Display Modes |  Linear Mode | | Why Join? Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.   |
Bugzilla
Wiki
Source
