No incoming mail from outside

[borngunners]

I have been twinkling with zimbra for over three weeks now and have done all sought of configurations and troubleshooting to get my mails coming from the outside world but to no avail. I am getting fed-up, but i have to get it working to convince my boss to go for zimbra mail instead of having exchange. I have installed and deinstalled and yet still can't get it right. I can telnet port 25 and every other ports from the outside fine using the public ip address of the server. When I try to telnet using the fqdn of the machine, it does not work. Also, I have to use the ip address in the url to access zimbra web. That is really not the biggest problem for me right now. The major problem is not being able to receive emails from the outside world (yahoo, hotmail, aol, etc.). I am able to send emails to the outside world as well as send and receive emails within my domain.
I will really appreciate a help from someone. Less I forget, I have a firewall and I setup a split dns.
************************************************** *******
db.mail.test.zimbra.com
************************************************** *******
;BIND data file for mail.test.zimbra.com
;
$TTL 604800
@ IN SOA mail.test.zimbra.com. admin.test.zimbra.com. (
070725 ; Serial
604800 ; Refresh
86400 ; Retry
2419200 ; Expire
604800 ) ; Negative Cache TTL
;
IN NS 192.168.xxx.xx Private ip
IN A 192.168.xxx.xx Private ip
mail IN MX 10 mail.test.zimbra.com.

************************************************** ******
named.conf.local
************************************************** ******

zone "mail.test.zimbra.com" {
type master;
file "/etc/bind/db.mail.test.zimbra.com";
};

************************************************** ******
named.conf.options
************************************************** ******
options {
directory "/var/cache/bind";

// If there is a firewall between you and nameservers you want
// to talk to, you might need to uncomment the query-source
// directive below. Previous versions of BIND always asked
// questions using port 53, but BIND 8.1 and later use an unprivileged
// port by default.

query-source address * port 53;

// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.

forwarders {
xxx.x.x.x; xxx.x.xx.x; //stable ip's of ISP
};

auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};

************************************************** *******
hosts
************************************************** *******
127.0.0.1 localhost.localdomain localhost
192.168.xxx.xx mail.test.zimbra.com mail

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

************************************************** *******
resolv.conf
************************************************** *******
search mail.test.zimbra.com
nameserver 192.168.xxx.xx Private ip of zimbra mail server
nameserver xxx.x.x.x stable ip's of ISP

************************************************** *******
Logs
************************************************** *******
Jul 26 20:32:05 mail zimbramon[17686]: 17686:info: 2009-07-26 20:32:01, STATUS: mail.test.zimbra.com: logger: Running
Jul 26 20:32:05 mail zimbramon[17686]: 17686:info: 2009-07-26 20:32:01, STATUS: mail.test.zimbra.com: mailbox: Running
Jul 26 20:32:05 mail zimbramon[17686]: 17686:info: 2009-07-26 20:32:01, STATUS: mail.test.zimbra.com: mta: Running
Jul 26 20:32:05 mail zimbramon[17686]: 17686:info: 2009-07-26 20:32:01, STATUS: mail.test.zimbra.com: snmp: Running
Jul 26 20:32:05 mail zimbramon[17686]: 17686:info: 2009-07-26 20:32:01, STATUS: mail.test.zimbra.com: spell: Running
Jul 26 20:32:05 mail zimbramon[17686]: 17686:info: 2009-07-26 20:32:01, STATUS: mail.test.zimbra.com: stats: Running
Jul 26 20:32:51 mail zmmailboxdmgr[18173]: status requested
Jul 26 20:32:51 mail zmmailboxdmgr[18173]: status OK
Jul 26 20:32:52 mail zmmailboxdmgr[18229]: status requested
Jul 26 20:32:52 mail zmmailboxdmgr[18229]: status OK

************************************************** ******
digs
************************************************** ******
root@mail:~# dig mail.test.zimbra.com mx

; <<>> DiG 9.4.2-P2 <<>> mail.test.zimbra.com mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5415
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.test.zimbra.com. IN MX

;; AUTHORITY SECTION:
mail.test.zimbra.com. 604800 IN SOA mail.test.zimbra.com. admin.mail.test.zimbra.com. 70725 604800 86400 2419200 604800

;; Query time: 9 msec
;; SERVER: 192.168.xxx.xx#53(192.168.xxx.xx)
;; WHEN: Sun Jul 26 20:37:10 2009
;; MSG SIZE rcvd: 76


root@mail:~# dig mail.test.zimbra.com any

; <<>> DiG 9.4.2-P2 <<>> mail.test.zimbra.com any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 931
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.test.zimbra.com. IN ANY

;; ANSWER SECTION:
mail.test.zimbra.com. 604800 IN SOA mail.test.zimbra.com. admin.mail.test.zimbra.com. 70725 604800 86400 2419200 604800
mail.test.zimbra.com. 604800 IN NS 192.168.xxx.xx.mail.test.zimbra.com.
mail.test.zimbra.com. 604800 IN A 192.168.xxx.xx

;; Query time: 0 msec
;; SERVER: 192.168.xxx.xx#53(192.168.xxx.xx)
;; WHEN: Sun Jul 26 20:39:49 2009
;; MSG SIZE rcvd: 121

************************************************** *******
`hostname`
************************************************** *******
root@mail:~# host `hostname`
mail.mail.test.zimbra.com mail is handled by 10 mail.test.zimbra.com.

zimbra@mail:~$ zmcontrol -v
Release 5.0.18_GA_3011.UBUNTU8 UBUNTU8 FOSS edition

This is all I have so far for the configuration. I did forwarded the necessary port to the private ip from the firewall

Thank for your support.

[Bill Brock]

Have you setup your MX, A, and PTR records for the outside world to resolve to your Zimbra server where the SOA for your zone file resides?

[uxbod]

Welcome to the forums

Code:

nameserver xxx.x.x.x stable ip's of ISP

if you have installed BIND on your server then you should not list your ISP DNS server in /etc/resolv.conf but instead add it into named.conf as a forwarder (as you have already done). Secondly, would you please post your domain zone file so we can see what you have put in it please.

[borngunners]

Welcome to the forums

Code:

nameserver xxx.x.x.x stable ip's of ISP

if you have installed BIND on your server then you should not list your ISP DNS server in /etc/resolv.conf but instead add it into named.conf as a forwarder (as you have already done). Secondly, would you please post your domain zone file so we can see what you have put in it please.

Uxbod.
The zone file is listed in the post that I created. I have everything that I think you might want me to provide you. If you can't find it, please explain to me what you are refering to as the domain zone file:

zone "mail.test.zimbra.com" {
type master;
file "/etc/bind/db.mail.test.zimbra.com";
};

[borngunners]

Have you setup your MX, A, and PTR records for the outside world to resolve to your Zimbra server where the SOA for your zone file resides?

I did created an MX and A record. Please look at my post. I have everything that you might want to know about. If I am missing anything please let me know. I have a windows 2003 server that act as my domain controller that is entirely in a different subnet from the zimbra server. The zimbra server is behind a firewall and I have a split dns setup on it. Please look at my post carefully. It should have evrything that you might want to know.

[uxbod]

You have called your server mail.test.zimbra.com and for the domain zone mail.test.zimbra.com aswell Surely your domain zone will be test.zimbra.com.

[borngunners]

You have called your server mail.test.zimbra.com and for the domain zone mail.test.zimbra.com aswell Surely your domain zone will be test.zimbra.com.

uxbod.
I just changed the domain zone to test.zimbra.com and type the following command #host `hostname` and get reply host mail not found: 3(NXDOMIAN). Do you have an idea why the following message or I have to modify my dns bind as well?

[borngunners]

uxbod.
I just found out the reason for the host mail not found: 3(NXDOMAIN) error. In the resolv.conf I have "search mail.test.zimbra.com" instead of "search test.zimbra.com". After all the changes that you suggested, I did a /etc/init.d/bind9 restart and try to test the email. I still can't receive emails from the outside world. As usual, I can send to the outside world and send and receive to the inside.

Thanks for your patient and help

[uxbod]

Now you have made all those changes please post again

Code:

cat /etc/hosts
cat /etc/resolv.conf
dig yourdomain mx
dig yourdomain any
host `hostname` <- note backticks and not single quotes

[borngunners]

Now you have made all those changes please post again

Code:

cat /etc/hosts
cat /etc/resolv.conf
dig yourdomain mx
dig yourdomain any
host `hostname` <- note backticks and not single quotes

/etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.xxx.xx mail.test.zimbra.com mail

# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

/etc/resolv.conf
search test.zimbra.com
nameserver 192.168.xxx.xx Private ip of zimbra mail server

dig test.zimbra.com any
root@mail:~# dig test.zimbra.com any

; <<>> DiG 9.4.2-P2 <<>> test.zimbra.com any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 931
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;test.zimbra.com. IN ANY

;; ANSWER SECTION:
test.zimbra.com. 604800 IN SOA mail.test.zimbra.com. admin.mail.test.zimbra.com. 70725 604800 86400 2419200 604800
test.zimbra.com. 604800 IN NS 192.168.xxx.xx.test.zimbra.com.
test.zimbra.com. 604800 IN A 192.168.xxx.xx

;; Query time: 0 msec
;; SERVER: 192.168.xxx.xx#53(192.168.xxx.xx)
;; WHEN: Sun Jul 26 20:39:49 2009
;; MSG SIZE rcvd: 121

dig test.zimbra.com mx
root@mail:~# dig test.zimbra.com mx

; <<>> DiG 9.4.2-P2 <<>> test.zimbra.com mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 5415
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;test.zimbra.com. IN MX

;; AUTHORITY SECTION:
test.zimbra.com. 604800 IN SOA mail.test.zimbra.com. admin.mail.test.zimbra.com. 70725 604800 86400 2419200 604800

;; Query time: 9 msec
;; SERVER: 192.168.xxx.xx#53(192.168.xxx.xx)
;; WHEN: Sun Jul 26 20:37:10 2009
;; MSG SIZE rcvd: 76

host `hostname`

mail.test.zimbra.com is handled by 10 mail.test.zimbra.com.