Zimbra server problem - Split DNS

[getridoff]

Hi to all Zimbra gurus,

well, after long time outsourcing from other vendors the email servers, finally we have decided to put the real world challenge on Zimbra mail server, so that we gonna put the Zimbra mail server in production in less than a week now and will be replacing all our clients other mail servers.

1. Installing Zimbra on Public IP address is a breeze, and is already on production sites

2. Installing Zimbra server in Split DNS environment is a breeze to, but a little problem which giving us a small headache. I hope the Zimbra guru's here can guide me to solve this matters .

Below is the outpost for my Split DNS environment server :

cat /etc/hosts
cat /etc/resolv.conf
dig yourdomain mx
dig yourdomain any
host `hostname` <- note backticks and not singles quotes


The results is :

cat /etc/hosts
===============
# Do not remove the following line, or various programs
# that require network functionality will fail.
127.0.0.1 localhost.localdomain localhost
192.168.1.102 mail.nha2u.com mail


cat /etc/resolv.conf
===================
search nha2u.com
nameserver 192.168.1.102



dig yourdomain mx
=====================
dig nha2u.com mx

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> nha2u.com mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13949
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; QUESTION SECTION:
;nha2u.com. IN MX

;; ANSWER SECTION:
nha2u.com. 74003 IN MX 10 mail.nha2u.com.

;; AUTHORITY SECTION:
nha2u.com. 74001 IN NS ns1.agigaworld.com.

;; ADDITIONAL SECTION:
mail.nha2u.com. 2592000 IN A 192.168.1.102
ns1.agigaworld.com. 31459 IN A 124.217.227.140

;; Query time: 1 msec
;; SERVER: 192.168.1.102#53(192.168.1.102)
;; WHEN: Mon Jun 28 17:05:25 2010
;; MSG SIZE rcvd: 109




dig yourdomain any
===================

dig nha2u.com mx

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> nha2u.com mx
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 25326
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 1, ADDITIONAL: 2

;; QUESTION SECTION:
;nha2u.com. IN MX

;; ANSWER SECTION:
nha2u.com. 73970 IN MX 10 mail.nha2u.com.

;; AUTHORITY SECTION:
nha2u.com. 73968 IN NS ns1.agigaworld.com.

;; ADDITIONAL SECTION:
mail.nha2u.com. 2592000 IN A 192.168.1.102
ns1.agigaworld.com. 31426 IN A 124.217.227.140

;; Query time: 0 msec
;; SERVER: 192.168.1.102#53(192.168.1.102)
;; WHEN: Mon Jun 28 17:05:58 2010
;; MSG SIZE rcvd: 109

[root@mail ~]#




host `hostname`
===============
host `hostname`
mail.nha2u.com has address 192.168.1.102
mail.nha2u.com mail is handled by 10 mail.nha2u.com.


Yet i still unable to send out emails to the outside world such as Yahoo, Gmail and Hotmail, but i can receive from them sometimes. I have checked thru all my logs and finds nothing there (according to me, sorry still learning and catching up). I have setup A record and MX record with PTR record in my DNS setup still yet to unable to sent mails out.

Probably any Zimbra Guru's here would like to help me about this situation that im facing here.

Thank you very much,

Regards,
Muthu

[uxbod]

Are they ending up in the SPAM bucket at those providers ? You should search the forums for help on setting up SPF and DKIM records.

[getridoff]

Quote:

Originally Posted by uxbod

Are they ending up in the SPAM bucket at those providers ? You should search the forums for help on setting up SPF and DKIM records.

Hi uxbod

Previously when i sent 5 emails to Yahoo, Gmail and Hotmail, i only get 1 email sent to Gmail account into Spam bucket. Then i tested it just now i can send and receive in Gmail without the emails going into the Spam bucket. But, if i try to send email again from my Zimbra server to Gmail, the message said 'sent' but Gmail still not yet got the message. Same goes to Yahoo and Hotmail too, till now did not get the email i sent.

Regarding the setting up SPF and DKIM which you have mentioned here, i have set up the SPF record in my hosting account points to the Zimbra IP, and what about DKIM records ? I can't find any records of DKIM in my hosting panel it seems. It would be helpful if you could guide me here a little bit.

Thank you Uxbod

Regards,
Muthu

[getridoff]

Quote:

Originally Posted by getridoff

Hi uxbod

Previously when i sent 5 emails to Yahoo, Gmail and Hotmail, i only get 1 email sent to Gmail account into Spam bucket. Then i tested it just now i can send and receive in Gmail without the emails going into the Spam bucket. But, if i try to send email again from my Zimbra server to Gmail, the message said 'sent' but Gmail still not yet got the message. Same goes to Yahoo and Hotmail too, till now did not get the email i sent.

Regarding the setting up SPF and DKIM which you have mentioned here, i have set up the SPF record in my hosting account points to the Zimbra IP, and what about DKIM records ? I can't find any records of DKIM in my hosting panel it seems. It would be helpful if you could guide me here a little bit.

Thank you Uxbod

Regards,
Muthu

Hi Uxbod,

Just now i got Error message from my Zimbra server, for the email i sent to Hotmail. The error is like below :

host mx4.hotmail.com[65.55.37.88] said: 550 OU-001
Mail rejected by Windows Live Hotmail for policy reasons. Reasons for
rejection may be related to content with spam-like characteristics or
IP/domain reputation problems. If you are not an email/network admin please
contact your E-mail/Internet Service Provider for help. Email/network
admins, please visit Windows Live Hotmail Postmaster for email delivery
information and support (in reply to MAIL FROM command)

Is there any cure for this uxbod ?

Thank you

Regards,
Muthu

[phoenix]

Quote:

Originally Posted by getridoff

host mx4.hotmail.com[65.55.37.88] said: 550 OU-001
Mail rejected by Windows Live Hotmail for policy reasons. Reasons for
rejection may be related to content with spam-like characteristics or
IP/domain reputation problems. If you are not an email/network admin please
contact your E-mail/Internet Service Provider for help. Email/network
admins, please visit Windows Live Hotmail Postmaster for email delivery
information and support (in reply to MAIL FROM command)

You have been provided with a link to the Hotmail help page, you need to visit that page and look at the error code they've given you and then look on the help page for the reason your mail has been rejected. The usual reason for mail to get rejected is because you are, or appear to be, a source of spam or you are on an RBL list for some reason.

[getridoff]

Quote:

Originally Posted by phoenix

You have been provided with a link to the Hotmail help page, you need to visit that page and look at the error code they've given you and then look on the help page for the reason your mail has been rejected. The usual reason for mail to get rejected is because you are, or appear to be, a source of spam or you are on an RBL list for some reason.

Hi Phoenix,

I will check it out according to the Hotmail help page and will post any outcoming results over here.

Thank you phoenix.


Regards,
Muthu

[LMStone]

Likely the rejects are from a missing PTR record. If so, you will need to ask your ISP to deploy a PTR (Reverse DNS) record for your public IP address 211.24.155.2 pointing to mail.nha2u.com.

I would also recommend you add an alias for abuse@nha2u.com to one of your Administrator mailboxes.

Many, many email servers will block email from servers without a reverse DNS record.

See http://www.dnsstuff.com/tools/dnsrep...a587062b5b1019

Hope that helps,
Mark

[getridoff]

Hi Mark,

Thanks for the reply. But i have insert the PTR records into my domain hosting DNS sections anyway. Do i need to change anything there or i should call away my ISP to ask them put up the RDNS for the public IP i have mentioned here?

[LMStone]

PTR records are entered into public DNS by the entity that controls the IP address referenced by the PTR. Typically, that's your ISP or your colocation provider (or your colocation provider's ISP).

The DNS Stuff link I posted (which expires shortly) shows there is no PTR record in public DNS.

And as you are seeing, many email systems refuse to accept email sent by a server whose IP address has no associated PTR record.

Hope that helps!
Mark