| Welcome to the Zimbra - Forums! | |
Welcome, if you would like to post a comment please register.
We also encourage you to explore all things Zimbra with our team and members of the community.
|
 | 
10-30-2009, 02:47 AM
| | Special Member | |
Posts: 112
| |  Need help to get Zimbra to send & receive email without errors and rejections
I have a hosted Zimbra with multiple domains all sharing one IP address. I notice that my log contains varies error messages. Some of them includes: - Relaying denied. IP name possibly forged [xxx.xxx.xxx.xxx] (in reply to RCPT TO command))
- Host or domain name not found. Name service error for name=zimbra.xxx.com type=A: Host found but no data record of requested type
- mail for zimbra.xxx.com loops back to myself
After some research, I realize that beside getting Zimbra to run properly, we have to setup additional verification stuffs to ensure that Zimbra is able to send/receive email without rejections to/by other servers:
* Have a valid rDNS
* Have SPF set up
* Have domain keys set up
* Have signed up for feedback loop
* Have a valid abuse@ and/or postmaster@ email address on your domain
Since many users complains that they cannot receive/send emails to/from some domains, should I also disable these checks in Zimbra MTA settings? - Hostname in greeting violates RFC (reject_invalid_hostname)
- Client must greet with a fully qualified hostname (reject_non_fqdn_hostname)
- Sender address must be fully qualified (reject_non_fqdn_sender)
- Client's IP address (reject_unknown_client)
- Hostname in greeting (reject_unknown_hostname)
- Sender's domain (reject_unknown_sender_domain)
Zimbra has provide a good reference manual on what it's each option does. Unfortunately it didn't provide something more useful - an operation manual (step by step installation and setup guidance)  |
10-30-2009, 05:25 AM
| | |
Please post this information from your ZCS server Code: cat /etc/hosts
cat /etc/resolv.conf
dig yourdomain mx
dig yourdomain any
host `hostname` <- note backticks and not single quotes (copy 'n' paste) As long as your clients domain have a MX that points to a properly configured server with the right DNS entries all should be okay.
__________________ SplatNIX IT Services :: Innovation through Collaboration™  http://www.messagefortress.com |
11-02-2009, 08:53 PM
| | Special Member | |
Posts: 112
| |
Code: /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.190.250 zimbra.mydomain.com zimbra
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts Code: /etc/resolv.conf
nameserver 192.168.190.1
nameserver 202.172.224.238
nameserver 202.172.232.238 Code: dig mydomain mx
; <<>> DiG 9.4.2-P2 <<>> mydomain mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15292
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;mydomain. IN MX
;; AUTHORITY SECTION:
com. 830 IN SOA a.gtld-servers.net nstld.verisign-grs.com. 1257219774 1800 900 604800 86400
;; Query time: 3 msec
;; SERVER: 202.172.224.238#53(202.172.224.238)
;; WHEN: Tue Nov 3 11:44:25 2009
;; MSG SIZE rcvd: 108 Code: dig mydomain any
; <<>> DiG 9.4.2-P2 <<>> mydomain any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11038
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;mydomain. IN ANY
;; AUTHORITY SECTION:
com. 532 IN SOA a.gtld-servers.net nstld.verisign-grs.com. 1257219774 1800 900 604800 86400
;; Query time: 4 msec
;; SERVER: 202.172.224.238#53(202.172.224.238)
;; WHEN: Tue Nov 3 11:49:23 2009
;; MSG SIZE rcvd: 108 Code: host mydomain
mydomain mail is handled by 10 zimbra.mydomain.
Last edited by phoenix : 11-03-2009 at 12:55 AM.
|
11-03-2009, 01:01 AM
| | Zimbra Consultant & Moderator | |
Posts: 11,507
| |
Quote:
Originally Posted by bhwong  Code: /etc/resolv.conf
nameserver 192.168.190.1
nameserver 202.172.224.238
nameserver 202.172.232.238 | The hosts file should only contain the IP address of your LAN server. Quote:
Originally Posted by bhwong Code: dig mydomain mx
; <<>> DiG 9.4.2-P2 <<>> mydomain mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15292
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;mydomain. IN MX
;; AUTHORITY SECTION:
com. 830 IN SOA a.gtld-servers.net nstld.verisign-grs.com. 1257219774 1800 900 604800 86400
;; Query time: 3 msec
;; SERVER: 202.172.224.238#53(202.172.224.238)
;; WHEN: Tue Nov 3 11:44:25 2009
;; MSG SIZE rcvd: 108 | There appears to be no MX record for your domain. Quote:
Originally Posted by bhwong Code: dig mydomain any
; <<>> DiG 9.4.2-P2 <<>> mydomain any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 11038
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;mydomain. IN ANY
;; AUTHORITY SECTION:
com. 532 IN SOA a.gtld-servers.net nstld.verisign-grs.com. 1257219774 1800 900 604800 86400
;; Query time: 4 msec
;; SERVER: 202.172.224.238#53(202.172.224.238)
;; WHEN: Tue Nov 3 11:49:23 2009
;; MSG SIZE rcvd: 108 | There apears to be no A record for your domain. Quote:
Originally Posted by bhwong Code: host mydomain
mydomain mail is handled by 10 zimbra.mydomain. | The better command to use is the following: Code: host `hostname` <-- with backticks not single quotes However, to your specific problem. I'll guess that those errors you've posted earlier relate to inbound mail, do those messages show in the daily report? It's not use just quoting the text from an error message as it's taken out of context, post some actual error messages from the log files for these errors.
__________________
Regards
Bill
|
11-03-2009, 03:33 AM
| | Special Member | |
Posts: 112
| |
> The hosts file should only contain the IP address of your LAN server.
I have entered the gateway and DNS server IP addresses instead. So, it should be the local IP address (not public IP) of the server that Zimbra run on which is 192.168.190.250?
I dig the wrong domain, it should be zimbra.mydomain.com which is the domain that my Zimbra run on, mydomain.com is the main domain. So the result is as followed:
dig mydomain mx
; <<>> DiG 9.4.2-P2 <<>> zimbra.mydomain mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52089
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;zimbra.mydomain. IN MX
;; AUTHORITY SECTION:
com. 900 IN SOA a.gtld-servers.net nstld.verisign-grs.com. 1257243961 1800 900 604800 86400
;; Query time: 8 msec
;; SERVER: 192.168.190.250#53(192.168.190.250)
;; WHEN: Tue Nov 3 18:26:12 2009
;; MSG SIZE rcvd: 115
dig mydomain any
; <<>> DiG 9.4.2-P2 <<>> zimbra.mydomain any
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 32681
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;zimbra.mydomain. IN ANY
;; AUTHORITY SECTION:
com. 544 IN SOA a.gtld-servers.net nstld.verisign-grs.com. 1257243961 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 192.168.190.250#53(192.168.190.250)
;; WHEN: Tue Nov 3 18:32:08 2009
;; MSG SIZE rcvd: 115 |
11-03-2009, 03:36 AM
| | Special Member | |
Posts: 112
| |
> post some actual error messages from the log files for these errors.
Errors
2009-11-02 01:01:31 bounced (Host or domain name not found. Name service error for name=zimbra.dc1.domain.com type=A: Host found but no data record of requested type)
from=owner-confocalmicroscopy@LISTS.UMN.EDU to=xpan@domain.com.sg
2009-11-02 13:24:57 bounced (Host or domain name not found. Name service error for name=zimbra.dc1.domain.com type=A: Host found but no data record of requested type)
from=<> to=mchua@domain.com.sg
2009-11-02 13:24:57 bounced (Host or domain name not found. Name service error for name=zimbra.dc1.domain.com type=A: Host found but no data record of requested type)
from=lfeng@domain.com.sg to=mchua@domain.com.sg
2009-11-02 14:20:05 bounced (Host or domain name not found. Name service error for name=6747-335.cudamail.com type=A: Host found but no data record of requested type)
from=mchua@domain.com.sg to=bsawchuk@QIMAGING.com
2009-11-02 14:20:05 bounced (Host or domain name not found. Name service error for name=6747-335.cudamail.com type=A: Host found but no data record of requested type)
from=mchua@domain.com.sg to=cwillows@QIMAGING.com
2009-11-02 15:19:24 deferred (host fw.paclp.de[212.63.70.228] said: 451 Please try again (in reply to RCPT TO command))
from=wtan@domain.com.sg to=service@paclp.de
2009-11-02 15:39:36 deferred (host fw.paclp.de[212.63.70.228] said: 451 Please try again (in reply to RCPT TO command))
from=fwong@domain.com.sg to=jonathan.salimat@paclp.sg |
11-03-2009, 04:32 AM
| | Zimbra Consultant & Moderator | |
Posts: 11,507
| |
Quote:
Originally Posted by bhwong > The hosts file should only contain the IP address of your LAN server.
I have entered the gateway and DNS server IP addresses instead. So, it should be the local IP address (not public IP) of the server that Zimbra run on which is 192.168.190.250? | My mistake, that should have read: the resolv.conf should only have the IP of your LAN DNS server. Quote:
Originally Posted by bhwong I dig the wrong domain, it should be zimbra.mydomain.com which is the domain that my Zimbra run on, mydomain.com is the main domain. So the result is as followed: | Those results still show no A or MX records for the domain, can you not see that?
__________________
Regards
Bill
|
11-03-2009, 04:33 AM
| | Zimbra Consultant & Moderator | |
Posts: 11,507
| |
Quote:
Originally Posted by bhwong > post some actual error messages from the log files for these errors.
Errors
2009-11-02 01:01:31 bounced (Host or domain name not found. Name service error for name=zimbra.dc1.domain.com type=A: Host found but no data record of requested type)
from=owner-confocalmicroscopy@LISTS.UMN.EDU to=xpan@domain.com.sg
2009-11-02 13:24:57 bounced (Host or domain name not found. Name service error for name=zimbra.dc1.domain.com type=A: Host found but no data record of requested type)
from=<> to=mchua@domain.com.sg
2009-11-02 13:24:57 bounced (Host or domain name not found. Name service error for name=zimbra.dc1.domain.com type=A: Host found but no data record of requested type)
from=lfeng@domain.com.sg to=mchua@domain.com.sg
2009-11-02 14:20:05 bounced (Host or domain name not found. Name service error for name=6747-335.cudamail.com type=A: Host found but no data record of requested type)
from=mchua@domain.com.sg to=bsawchuk@QIMAGING.com
2009-11-02 14:20:05 bounced (Host or domain name not found. Name service error for name=6747-335.cudamail.com type=A: Host found but no data record of requested type)
from=mchua@domain.com.sg to=cwillows@QIMAGING.com
2009-11-02 15:19:24 deferred (host fw.paclp.de[212.63.70.228] said: 451 Please try again (in reply to RCPT TO command))
from=wtan@domain.com.sg to=service@paclp.de
2009-11-02 15:39:36 deferred (host fw.paclp.de[212.63.70.228] said: 451 Please try again (in reply to RCPT TO command))
from=fwong@domain.com.sg to=jonathan.salimat@paclp.sg | That would be because of your DNS records problem.
__________________
Regards
Bill
|
11-06-2009, 06:56 AM
| | Special Member | |
Posts: 112
| |
> My mistake, that should have read: the resolv.conf should only have the IP of your LAN DNS server.
My LAN do not have a DNS server. So it should be my ISP DNS server right?
> Those results still show no A or MX records for the domain, can you not see that?
What will it show if there are A or MX records? I'm not familiar with dig output but Pingability.com: Web Site Monitoring and Alert Service output does show that my A and MX records are working fine. Something to do with the nameserver above? |
11-06-2009, 07:18 AM
| | Zimbra Consultant & Moderator | |
Posts: 11,507
| |
Quote:
Originally Posted by bhwong > My mistake, that should have read: the resolv.conf should only have the IP of your LAN DNS server, this is from your resolv.conf.
My LAN do not have a DNS server. So it should be my ISP DNS server right? | According to your earlier output your LAN does have a DNS server, this is from your resolv.conf: Code: nameserver 192.168.190.1 and the output you provided earlier shows that the output from the dig query was provided by a LAN DNS server: Code: ; Query time: 8 msec
;; SERVER: 192.168.190.250#53(192.168.190.250)
;; WHEN: Tue Nov 3 18:26:12 2009
;; MSG SIZE rcvd: 115 Your hosts file also shows you to be on a private LAN IP address for your Zimbra server: Code: 192.168.190.250 zimbra.mydomain.com zimbra If that's the case you should have a DNS server on your LAN that provides the LAN IP of your Zimbra server when queried from the Zimbra server using the commands I gave you earlier. Quote:
Originally Posted by bhwong > Those results still show no A or MX records for the domain, can you not see that?
What will it show if there are A or MX records? I'm not familiar with dig output but Pingability.com: Web Site Monitoring and Alert Service output does show that my A and MX records are working fine. Something to do with the nameserver above? | You haven't shown anything that has your A & MX records in it, there's no output other than the pingability web site in your link. If you wish to see what the records would look like check the output for the dig commands using google.com as an domain name.
__________________
Regards
Bill
| | Thread Tools | | | | Display Modes |  Linear Mode | | Why Join? Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.   |
Bugzilla
Wiki
Source
