Assistance configuring inbound MTA

[mark.d.henning]

I am setting up a zimbra server in hopes of weaning myself off of my upstream host owner's technical support. So far I am only partially successful.

As I am a residential Comcast subscriber, and they mistakenly believe that only spammers would want a home mail server, they block several well-known ports.

I have successfully configured outbound email (see MTAServerSettingsLow.jpg) to go to a nontraditional port (8088), and mail from my webclient account delivers just fine.

I am unable to get inbound trafic to work. (see TheError.jpg). I configured the upstream IP (208.42.127.109/32) into the MTA trusted networks, and later turned off DNS lookups, but I still fail.

Any assistance will be greatly appreciated. If I need to dump a configuration to help you help me, please point me to the appropriate place. I'm trying to stay within the GUI to get things configured, as that was a primary goal in my administration simplification choice.

Cordially,

Mark.

[phoenix]

Quote:

Originally Posted by mark.d.henning

I am unable to get inbound trafic to work. (see TheError.jpg). I configured the upstream IP (208.42.127.109/32) into the MTA trusted networks,

You should never, ever, do this as you set yourself up to be an open relay if the other MTA is ever compromised. You should set up a local account on your server and get the other MTA to authorise against your port 587 for delivering mail to you. What is this other MTA, a paid for service?

Quote:

Originally Posted by mark.d.henning

..and later turned off DNS lookups, but I still fail.

You should leave that turned on, I assume you are behind a NAT router? If you are you'll need a Split DNS set-up to ensure mail is delivered correctly.

[mark.d.henning]

I have turned on the dns lookup as suggested; I have turned off the authentication. I am still receiving no traffic from my relay. Attached are the three output files that similar problems have requested. I have no trouble with the sendmail host I have on my production server.

Any help would be appreciated. I am beginning to despair of ever getting this running correctly.

[zimbra@starfish tmp]$ dig mx.test.gldnrtvr.com

; <<>> DiG 9.6.2-P2-RedHat-9.6.2-4.P2.fc11 <<>> mx.test.gldnrtvr.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 5505
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;mx.test.gldnrtvr.com. IN A

;; AUTHORITY SECTION:
gldnrtvr.com. 3600 IN SOA ns.gldnrtvr.com. root.gldnrtvr.com. 201006141 3600 900 3600 3600

;; Query time: 652 msec
;; SERVER: 10.10.10.1#53(10.10.10.1)
;; WHEN: Mon Aug 2 17:49:47 2010
;; MSG SIZE rcvd: 82

[zimbra@starfish tmp]$ dig mx.gldnrtvr.com

; <<>> DiG 9.6.2-P2-RedHat-9.6.2-4.P2.fc11 <<>> mx.gldnrtvr.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 37598
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mx.gldnrtvr.com. IN A

;; ANSWER SECTION:
mx.gldnrtvr.com. 3600 IN A 24.118.146.193

;; Query time: 604 msec
;; SERVER: 10.10.10.1#53(10.10.10.1)
;; WHEN: Mon Aug 2 17:51:05 2010
;; MSG SIZE rcvd: 49

[phoenix]

Quote:

Originally Posted by mark.d.henning

I have turned on the dns lookup as suggested; I have turned off the authentication. I am still receiving no traffic from my relay. Attached are the three output files that similar problems have requested. I have no trouble with the sendmail host I have on my production server.

Any help would be appreciated. I am beginning to despair of ever getting this running correctly.

As I mentioned earlier, you need a Split DNS set-up because you're behind a NAT router. Zimbra must be able to resolve your LAN IP address for correct mail delivery, go to the Split DNS article and follow the instructions there - it has complete details on what you need to do including how to verify the set up. Your /etc/hosts file is also incorrect and you should read the Quick Start Installation Guide for details (link to the Docs is at the top of this page).

[mark.d.henning]

I decided to start from scratch and made a fresh install of fedora 11 following the quick start guide step by step. I also installed bind and set up split DNS as you recommended.

I am still concerned because when I try to install zimbra it still complains about DNS problems when I enter the host. I have backed out (install.sh -u) and want to check whether I have actually configured the files correctly.

I have attached a network diagram, and a tarball containing my
/etc/hosts
/etc/resolv.conf
/etc/named.conf
/var/named/db.zimbra.gldnrtvr.com
typescript.out

The last is a typescript of me performing the dig commands suggested in the split-DNS article, as well as some nslookups.

If I have set up my system correctly now and I can ignore the warning that
mx.snookles.com (my mx) does not resolve to 10.10.10.7, then I will perform the install and hopefully all will be ok. Otherwise, please advise me what I need to do to get this working.

Thank you,

Mark