DNS setup and smtp greeting problem

[slacri]

Hello, I need someone to help me with the installation and configuration of smtp greeting and dns

When I installed my Zimbra server (hostname zimbra) I had a public domain with an A record and MX record (mail.mydomain.it) like below

mydomain.it IN A X.X.X.149
mydomain.it IN MX 10 mail.mydomain.it
mail.mydomain.it IN A X.X.X.148

Before installing zimbra I installed bind9, created a file 'mydomain.it.hosts' in /etc/bind:

$ttl 38400
mydomain.it. IN SOA zimbra. user.example.com. (
1263294561
10800
3600
604800
38400 )
mydomain.it. IN NS zimbra.
zimbra.mydomain.it. IN A 192.168.100.23
mydomain.it. IN MX 10 zimbra.mydomain.it.


Configured named.conf.local like this
zone "mydomain.it" {
type master;
file "/etc/bind/mydomain.it.hosts";
};

Configure /etc/hosts like this:
127.0.0.1 localhost
192.168.100.23 zimbra.mydomain.it zimbra

Then I set resolv.conf to use bind:
nameserver localhost


During the installation I received the following error:

DNS ERROR resolving MX for zimbra.mydomain.it
It is suggested that the domain name have an MX record configured in DNS
Change domain name? [Yes]

I changed that to mydomain.it and went on with the installation

Now the problem:
my smtp greeting is :
220 zimbra.mydomain.it ESMTP Postfix

A check on line for my domain says that (about 'Mail server host name in greeting'):

The configuration of your mail servers and your DNS are not ok! The report of the test is:

mail.mydomain.it. -> zimbra.mydomain.it -> N.C.

Spam recognition software and RFC821 4.3 (also RFC2821 4.3.1) state that the hostname given in the SMTP greeting MUST have an A record pointing back to the same server.

Where did I go wrong?
Do I have to change the SMTP greeting to 'mail.mydomain.com'? How can I do this?
Do I have to ask my maintainer to create a new record 'zimbra.mydomain.com' with an A record pointing back to the public IP of the server (same as record MX)? I'm confused!
Thanks, Simone

[uxbod]

Why not just change the A and MX record in the external DNS to point to zimbra.mydomain.it ?

[LMStone]

It is of course up to you what you want to use for public DNS names, but if DNS is as you like it now, you can change the Postfix Greet String as follows:

If you can wait for a complete Zimbra restart, all that needs to be done is run the following as the zimbra user:

Code:

zmlocalconfig -e postfix_smtpd_banner="\$myhostname NO UCE ESMTP"

You can replace "\$myhostname" (or indeed the whole string) with whatever you like.

After completing the above step, but if you need to implement immediately and cannot do a complete Zimbra restart, first run as root (using the same greet string as you chose above):

Code:

/opt/zimbra/postfix/sbin/postconf -e smtpd_banner="\$myhostname NO UCE ESMTP"

then run as the zimbra user:

Code:

zmmtactl reload

Hope that helps,
Mark

[slacri]

Thank you.
So, whatever I typed at the question

DNS ERROR resolving MX for zimbra.mydomain.it
It is suggested that the domain name have an MX record configured in DNS
Change domain name? [Yes]

would have resulted in a problem for me since I don't have the Linux hostname (zimbra) in the external DNS. So there was nothing I did wrong, I just didn't have the FQDN recorded in the external DNS. Right?

Basically the maintainer will add this:

zimbra.mydomain.it IN A X.X.X.148
zimbra.mydomain.it MX 10 mail.mydomain.it

It this correct?
Thanks
Simone

[uxbod]

Nope. Okay lets start again. Are you happy for your server to be named zimbra.mydomain.it ? If yes then are you happy to connect to it, and it be available externally, as zimbra.mydomain.it ? or would you prefer to connect as mail.mydomain.it ?

[LMStone]

Quote:

Originally Posted by uxbod

Nope. Okay lets start again. Are you happy for your server to be named zimbra.mydomain.it ? If yes then are you happy to connect to it, and it be available externally, as zimbra.mydomain.it ? or would you prefer to connect as mail.mydomain.it ?

I agree; that's exactly the right question to ask.

Slacri, the Zimbra installer creates a domain with the FQDN of the server. Perhaps this is where the confusion is starting?

So, if your server's hostname is "myserver" and your real public domain is "mycompany.com", then the Zimbra installer tries to create a domain called "myserver.mycompany.com" and you will get Zimbra-generated admin emails coming from "admin@myserver.company.com".

Many people don't like that, so what we do is to tell the installer to use the real public domain (e.g. "mycompany.com") and then the installer doesn't complain about DNS errors (assuming DNS is configured correctly for "mycompany.com"!)

After the install, we then add an alias domain of "myserver.mycompany.com" for the "mycompany.com" domain, and then everything within Zimbra works OK.

Hope that clears up what's going on behind the scenes.

Again, the question for you is what do you want to use for your real public domain? Then you can configure DNS and Zimbra round that.

All the best,
Mark

[slacri]

Mark, Uxbod, thanks you very much for your detailed replies.
Let's see if I have understood:

Option 1) I change the smtp greeting to mail.mydomain.it (now it is zimbra.mydomain.it)
Option 2) I add an alias zimbra.mydomain.it

Both solutions won't create problems to my server or conflict with spam software, being RFC821 4.3 and RFC2821 4.3.1 satisfied in each case, right?

Thank you indeed
Simone

[slacri]

Hello, I will choose option 2, since with option 1 (changing the smtp greeting) the condition below would not be met (I think)

Spam recognition software and RFC821 4.3 (also RFC2821 4.3.1) state that the hostname given in the SMTP greeting MUST have an A record pointing back to the same server.

Simone

[martinofmoscow]

I'm no expert either - i'm currently trying to solve the same situation, and following this thread with interest!

Quote:

Originally Posted by slacri

the hostname given in the SMTP greeting MUST have an A record pointing back to the same server.

... but judging by what has been said, I think either option would satisfy this criteria - I think this is the whole aim of the advice that's been given.

Personally I favour the 'change SMTP greeting' option, but am however still fishing for assurances that this won't have any unwanted knock-on effects (having been burnt recently by a script that was meant to reliably change the hostname of the mail server - ended up causing an almighty mess!).

Cheers,

Martin.

[martinofmoscow]

Quote:

Originally Posted by LMStone

It is of course up to you what you want to use for public DNS names, but if DNS is as you like it now, you can change the Postfix Greet String as follows:

If you can wait for a complete Zimbra restart, all that needs to be done is run the following as the zimbra user:

Code:

zmlocalconfig -e postfix_smtpd_banner="\$myhostname NO UCE ESMTP"

You can replace "\$myhostname" (or indeed the whole string) with whatever you like.

After completing the above step, but if you need to implement immediately and cannot do a complete Zimbra restart, first run as root (using the same greet string as you chose above):

Code:

/opt/zimbra/postfix/sbin/postconf -e smtpd_banner="\$myhostname NO UCE ESMTP"

then run as the zimbra user:

Code:

zmmtactl reload

Hope that helps,
Mark

Mark, many thanks for the excellent instructions. So I bit the bullet and followed these instructions. All's good, when I telnet into the mail server it reports its new hostname back as I'd like. However, if I HELO it reports back its old (real) host name. Do you know if this inconsistency might cause any problems? And do you know of any ways of testing mail server compliance on these matters? I really don't want to get us into a situation where our company email is being bounced/not delivered.

Thanks once again!

Martin.