zcs 6.0 communication issue send/receive

[bluethundr_]

I have a small zimbra farm that I am trying to setup.

It consists of the following:

Code:

cloud3 - LDAP host - 10.192.213.189
cloud4 - mailbox host - 10.192.213.189
cloud5 - MTA host - 10.248.207.1
cloud6 - mailbox host - 10.215.197.130

(these are all private IP's on a local network)

I have set my relay MTA host settings on the global control panel on my mailbox hosts to point to the MTA host.

But even after I have set this up to what I believe are the correct settings I still cannot send from the mailbox host, thru the MTA and to the external world...

I looked at the mynetworks setting on the MTA host (cloud5) and it looks ok to me:

Code:

mynetworks = 127.0.0.0/8 10.248.206.0/23

When I try to send mail this is what happens in the zimbra.log file on cloud6 (a mailbox host)

Code:

May 23 16:42:58 cloud5 postfix/smtpd[12347]: NOQUEUE: reject: RCPT from unknown[123.457.78.91]: 554 5.7.1 : Relay access denied; from= to= proto=ESMTP helo=
May 23 16:42:58 cloud5 postfix/smtpd[12347]: disconnect from unknown[123.457.78.91]

Thanks for your help...

[bluethundr_]

hmm.. I think I have this partially sussed.

The machines break down this way as to external IPs.. right now I'm only concerned with cloud5 (MTA) and cloud6 (mailbox host) as the account I'm testing is on cloud6

Code:

cloud5.example.com external IP - 123.456.78.91
cloud6.example.com eternal IP - 123.456.78.92

I looked at main.cf on the MTA server (cloud5) and this is what I saw:

Code:

mynetworks = 127.0.0.0/8 10.248.206.0/23

I realized that it should instead read as this, so that it can relay from the mailbox servers (cloud4 and cloud6):

Code:

mynetworks = 127.0.0.0/8 10.248.206.0/23 10.192.213.0/23 10.215.197.0/23

But when I modified it and restarted all services on all 3 servers involved (cloud4, and cloud6 - the mailboxes and cloud5 the MTA) I noticed that the main.cf was reverted back to the original settings.

That's when I thought that all the magic was happening via the internal IP's. Then, after having a look at the logs realized that zimbra was in fact working with the externally resolvable IPs....

Someone on IRC mentioned that zimbra rewrites the main.cf every time you restart from keyed values. The solution is to modify the setting with zmprov. So I performed this command:

Code:

zmprov modifyServer cloud5.example.com zimbraMtaMyNetworks '127.0.0.0/8 123.456.78.91 123.456.78.92'

So I did this and right away it appears that mail is sending from the cloud6 host. But I am still running into a problem as the mail is actually being bounced.

Code:

May 23 22:20:01 cloud5 zimbramon[13943]: 13943:info: 2010-05-23 22:20:01, QUEUE: 38 11 
May 23 22:21:14 cloud5 postfix/smtpd[14601]: warning: 123.456.78.92: address not listed for hostname ec2-123-45-678-9A1.compute-1.amazonaws.com
May 23 22:21:14 cloud5 postfix/smtpd[14601]: connect from unknown[123.456.78.92]
May 23 22:21:14 cloud5 postfix/smtpd[14601]: 977686204D: client=unknown[123.456.78.92]
May 23 22:21:14 cloud5 postfix/cleanup[14606]: 977686204D: message-id=<17709568.24.1274667674319.JavaMail.root@cloud6.example.com>
May 23 22:21:14 cloud5 postfix/qmgr[9598]: 977686204D: from=, size=656, nrcpt=1 (queue active)
May 23 22:21:14 cloud5 postfix/smtpd[14601]: disconnect from unknown[123.456.78.92]
May 23 22:21:15 cloud5 amavis[7256]: (07256-01) ESMTP::10024 /opt/zimbra/data/amavisd/tmp/amavis-20100523T222114-07256:  ->  SIZE=656 Received: from cloud5.example.com ([127.0.0.1]) by localhost (cloud5.example.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for ; Sun, 23 May 2010 22:21:14 -0400 (EDT)
May 23 22:21:15 cloud5 amavis[7256]: (07256-01) Checking: ScsZGuAWd6UK [123.456.78.92]  -> 
May 23 22:21:15 cloud5 postfix/smtpd[14610]: connect from localhost.localdomain[127.0.0.1]
May 23 22:21:15 cloud5 postfix/smtpd[14610]: 7029E62065: client=localhost.localdomain[127.0.0.1]
May 23 22:21:15 cloud5 postfix/cleanup[14606]: 7029E62065: message-id=<17709568.24.1274667674319.JavaMail.root@cloud6.example.com>
May 23 22:21:15 cloud5 postfix/qmgr[9598]: 7029E62065: from=, size=1363, nrcpt=1 (queue active)
May 23 22:21:15 cloud5 amavis[7256]: (07256-01) FWD via SMTP:  -> ,BODY=7BIT 250 2.0.0 Ok, id=07256-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 7029E62065
May 23 22:21:15 cloud5 amavis[7256]: (07256-01) Passed CLEAN, [123.456.78.92] [123.456.78.92]  -> , Message-ID: <17709568.24.1274667674319.JavaMail.root@cloud6.example.com>, mail_id: ScsZGuAWd6UK, Hits: 3.919, size: 656, queued_as: 7029E62065, 850 ms
May 23 22:21:15 cloud5 postfix/smtp[14607]: 977686204D: to=, relay=127.0.0.1[127.0.0.1]:10024, delay=0.9, delays=0.04/0.01/0.01/0.85, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=07256-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 7029E62065)
May 23 22:21:15 cloud5 amavis[7256]: (07256-01) extra modules loaded: /opt/zimbra/zimbramon/lib/i486-linux-gnu-thread-multi/auto/Net/SSLeay/autosplit.ix, /opt/zimbra/zimbramon/lib/i486-linux-gnu-thread-multi/auto/Net/SSLeay/randomize.al, IO/Socket/SSL.pm, Net/LDAP/Extension.pm, Net/SSLeay.pm
May 23 22:21:15 cloud5 postfix/qmgr[9598]: 977686204D: removed
May 23 22:21:15 cloud5 postfix/smtpd[14601]: warning: 123.456.78.93: address not listed for hostname ec2-123-45-678-9A2.compute-1.amazonaws.com
May 23 22:21:15 cloud5 postfix/smtpd[14601]: connect from unknown[123.456.78.93]
May 23 22:21:15 cloud5 postfix/smtp[14611]: warning: host cloud5.example.com[123.456.78.93]:25 greeted me with my own hostname cloud5.example.com
May 23 22:21:15 cloud5 postfix/smtp[14611]: warning: host cloud5.example.com[123.456.78.93]:25 replied to HELO/EHLO with my own hostname cloud5.example.com
May 23 22:21:15 cloud5 postfix/smtp[14611]: 7029E62065: to=, relay=cloud5.example.com[123.456.78.93]:25, delay=0.3, delays=0.13/0.14/0.02/0, dsn=5.4.6, status=bounced (mail for cloud5.example.com:25 loops back to myself)
May 23 22:21:15 cloud5 postfix/smtpd[14601]: disconnect from unknown[123.456.78.93]
May 23 22:21:16 cloud5 postfix/cleanup[14606]: A5DAA62064: message-id=<20100524022115.A5DAA62064@cloud5.example.com>
May 23 22:21:16 cloud5 postfix/qmgr[9598]: A5DAA62064: from=<>, size=3341, nrcpt=1 (queue active)
May 23 22:21:16 cloud5 postfix/bounce[14614]: 7029E62065: sender non-delivery notification: A5DAA62064
May 23 22:21:16 cloud5 postfix/qmgr[9598]: 7029E62065: removed
May 23 22:21:16 cloud5 postfix/error[13669]: A5DAA62064: to=, relay=none, delay=0.6, delays=0.58/0.01/0/0.01, dsn=4.4.1, status=deferred (delivery temporarily suspended: connect to cloud6.example.com[123.456.78.92]:7025: Connection timed out)

I have also altered the MTA webmail host names to what I thought the values should be and altered the webmail MTA port as shown in the screen shot that I have enclosed.

Any hints as to how to proceed would be greatly appreciated...