Zimbra

Antonio Mercurio · #1 (**permalink**) 10-13-2010, 01:19 AM

Hello.

I've installed ZIMBRA 6 on a local machine running centos 5.5 followin the instruction for creating the necessaries files but, when i run the command
I've tried with firewall active ( with all related port opened) and with firewall inactive

with

/etc/resolv.conf

as

Code:

# nameserver 172.28.214.252
nameserver 127.0.0.1

nslookup mail.struttura.local

i got this message

Code:

Server:         127.0.0.1
Address:        127.0.0.1#53
** server can't find mail.struttura.local.mail.struttura.local: SERVFAIL

if I change

etc/resolve.conf

Code:

nameserver 172.28.214.252
# nameserver 127.0.0.1

then the ouput is

Code:

Server:         172.28.214.252
Address:        172.28.214.252#53

** server can't find mail.struttura.local.mail.struttura.local: SERVFAIL

These are the other configuration files

/var/named/chroot/named.conf

Code:

// Default named.conf generated by install of bind-9.2.4-2
options {
       directory "/var/named";
       dump-file "/var/named/data/cache_dump.db";
       statistics-file "/var/named/data/named_stats.txt";
forwarders { 151.99.125.2 ; };
};
include "/etc/rndc.key";
// We are the master server for server.example.com
zone "mail.struttura.local" {
    type master;
    file "db.server.struttura.local";
};

the file
/var/named/chroot/var/named/db.server.struttura.local

Code:

@       IN      SOA     mail.struttura.local. hostmaster.mail.struttura.local. (
                               10118      ; Serial
                               43200      ; Refresh
                               3600       ; Retry
                               3600000    ; Expire
                               2592000 )  ; Minimum
;       Define the nameservers and the mail servers
               IN      NS      172.28.214.252
               IN      A       172.28.214.252
               IN      MX      10 mail.struttura.local.

the output of

dig struttura.local mx

Code:

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> struttura.local mx
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 15275
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;struttura.local.               IN      MX

;; AUTHORITY SECTION:
.                       7454    IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2010101200 1800 900 604800 86400

;; Query time: 200 msec
;; SERVER: 172.28.214.252#53(172.28.214.252)
;; WHEN: Wed Oct 13 10:12:21 2010
;; MSG SIZE  rcvd: 108

the output of dig mail.struttura.local MX

Code:

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> mail.struttura.local mx
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 56795
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.struttura.local.          IN      MX

;; Query time: 1 msec
;; SERVER: 172.28.214.252#53(172.28.214.252)
;; WHEN: Wed Oct 13 10:13:13 2010
;; MSG SIZE  rcvd: 38

dig struttura.local any

Code:

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> struttura.local any
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58718
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0

;; QUESTION SECTION:
;struttura.local.               IN      ANY

;; AUTHORITY SECTION:
.                       7330    IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2010101200 1800 900 604800 86400

;; Query time: 7 msec
;; SERVER: 172.28.214.252#53(172.28.214.252)
;; WHEN: Wed Oct 13 10:14:25 2010
;; MSG SIZE  rcvd: 108

dig mail.struttura.local any

Code:

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-4.P1.el5_4.2 <<>> mail.struttura.local any
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 60471
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mail.struttura.local.          IN      ANY

;; Query time: 7 msec
;; SERVER: 172.28.214.252#53(172.28.214.252)
;; WHEN: Wed Oct 13 10:15:08 2010
;; MSG SIZE  rcvd: 38

command host $(hostname)

Code:

Host mail.struttura.local.mail.struttura.local not found: 2(SERVFAIL)

the output of

cat /etc/resolv.conf

Code:

search mail.struttura.local
nameserver 172.28.214.252
# nameserver 127.0.0.1

the output of

cat /etc/hosts

Code:

127.0.0.1  localhost.localdomain localhost
172.28.214.252  mail.struttura.local mail

Can someone help me?
(thanks in advance)

phoenix · #2 (**permalink**) 10-13-2010, 03:03 AM

The Split DNS instructions do work if you've followed them correctly. Why have you changed the resolv.conf to point to an external DNS server (that does not have valid A & MX records for your server) rather than the local DNS server? That's the cause of your problem and the fact that your DNS records point to the external public IP of your Zimbra server instead of a LAN IP. You only need a Split DNS if you are behind a NAT router, are you?

If you look at the article again you'll see a 'Verffy..' section that explains how to check the configuration is working correctly and what's actually needed.

Antonio Mercurio · #3 (**permalink**) 10-13-2010, 03:23 AM

Uhm ... i've followed the wiki article ( now i'll restart again)

The ip 172.28.214.252 is the one related to the machine that works as server on an internal network and I'm going to use ZIMBRA ( for now) as a mail gateway wiht spam and antivir.
Other machine in the same local network will access to mail.struttura.local an see the interface and each user will (I hope) access to the mailbox and will associate to it one o more external mailbox.

I've already installed Zimbra (and I can access in the localmachine (using mail.struttura.local) and in the other machines simply putting 172.28.214.252 in the browser.

I'm using the soluction of split DNS becouse ( wiht and without firewall) I can't connect any of the other account to external mailboxes.

About the Router I'm waiting the doc related to tehe installer but, for simple

I need a server that gather mails from the web and send it ( with this configuration i can send email but i can't use external mailboxes for user).

... thank you ...
( now I'll reinstall all for the 10th time )

phoenix · #4 (**permalink**) 10-13-2010, 03:33 AM

Quote:

Originally Posted by Antonio Mercurio

Uhm ... i've followed the wiki article ( now i'll restart again)

No, you haven't as your DNS records don't exist on the server that's in your resolv.conf as shown by the output of your dig commands.

Quote:

Originally Posted by Antonio Mercurio

The ip 172.28.214.252 is the one related to the machine that works as server on an internal network and I'm going to use ZIMBRA ( for now) as a mail gateway wiht spam and antivir.
Other machine in the same local network will access to mail.struttura.local an see the interface and each user will (I hope) access to the mailbox and will associate to it one o more external mailbox.

That's fine but Zimbra (actually Postfix) requires that it has valid A & MX records pointing at the server. If your other mail server also exists on your LAN and has the same domain name then you should go to the wiki and look at the Split Domain article.

Quote:

Originally Posted by Antonio Mercurio

I've already installed Zimbra (and I can access in the localmachine (using mail.struttura.local) and in the other machines simply putting 172.28.214.252 in the browser.

If you can only access it via the IP then it's a DNS problem as I've mentioned several times.

Quote:

Originally Posted by Antonio Mercurio

I'm using the soluction of split DNS becouse ( wiht and without firewall) I can't connect any of the other account to external mailboxes.

I don't understand what you mean by that statement.

About the Router I'm waiting the doc related to tehe installer but, for simple

Quote:

Originally Posted by Antonio Mercurio

... thank you ...
( now I'll reinstall all for the 10th time )

It shouldn't need to be reinstalled.

Antonio Mercurio · #5 (**permalink**) 10-13-2010, 10:23 PM

Ok Phoenix.

First thanks for your help.

Reading all your answer let me think that I'm misusing Zimbra and that I can't use it for my needs that are the follows.

I've a little office with 10 collaborators, an external ( outside the lan ) mail server, a local server ( struttura.local ).

I simple need a machine that works like a kind of proxy/mail gateway and SAMBA server for sharing directories inside the net.

Searching on Internet I found Zimbra, installed and tested and I've see that it meets my needs. The only problem is that Zimbra doesn't access to external mailboxes and I supposed it was a DNS problem and I supposed that was a simple solution to use the Split DNS solution but I think that is the incorrect soluction and I've to look for other soluction.

Summarizing:

I've a LAN on my office, a computer with centos 5.5 installed where I've installed ZIMBRA.

My LAN see the "external world" via a xDSL Router

I need to use a system, i would like to use Zimbra, for a collaboration suite and, over all, for gathering mail from the web and using inside the machine.

I've installed ZIMBRA and it sends the mail outside the LAN but ZIMBRA can't retrieve email from an external server.

I supposed that the router blocks the ports ( and this another problem that I think I can solve NATTING some ports).

By your answer I'm understanding that

1) I've to register a domain
2) I've to ask for a static IP from my telephone provider
3) Make the domain registed to point to the machine and assign the domain to the machine
4) Apply the split DNS

Is this correct or I'm making a big mistake somewhere?

phoenix · #6 (**permalink**) 10-13-2010, 11:08 PM

[QUOTE=Antonio Mercurio;198265]Reading all your answer let me think that I'm misusing Zimbra and that I can't use it for my needs that are the follows.No, you're not 'misusing' Zimbra and you can use it for what you need.

Quote:

Originally Posted by Antonio Mercurio

By your answer I'm understanding that

1) I've to register a domain
2) I've to ask for a static IP from my telephone provider
3) Make the domain registed to point to the machine and assign the domain to the machine
4) Apply the split DNS

Is this correct or I'm making a big mistake somewhere?

Lets determine your actual requirements first and we'll proceed from there. Do you already have a domain name registered for your company mail? Where do you download your mail from and how are you currently retrieving the mail?.

Direct mail delivery to your server and external mail delivery by Zimbra is by far the best solution but you can certainly use just as an internal mail/collaboration server.

Antonio Mercurio · #7 (**permalink**) 10-13-2010, 11:26 PM

Quote:

Originally Posted by phoenix

Do you already have a domain name registered for your company mail?

We have a domain on a VPS outside the lan with also pop3 and smtp3.
We have our LAN in Italy and the WebServer in Germany with totally different domain.

Quote:

Originally Posted by phoenix

Where do you download your mail from and how are you currently retrieving the mail?

Actually we access to mails using webmail via IMAP on a remote host outside the lan.

The fundamental Needs is that we have several emails that have to be opened by differents employers and the mail space on VPS is going to his end.
As I told you before Zimbra open source meets some of our needs.
I've seen other points related to other needs in the other version but the first and urgent thing is to empty the remote mailbox and put al the mail on a local sistem but still use the principal mail server becouse some other app on the remote server use the message structure of Qmail for other apps

in short mode

we have domain.tld and pop3.domain.tld and smtp.domain.tld and mail.domain.tld on a remote host. I cant move the mail server on the local machine of the lan ( the domain.local) so I've to set a system that creates a mail archive on the local machine.

So I think I have to do this
1) create a domain like posta.mydomain.tld
2) Point it to the pubblic ip of the machine
3) Edit the nat for meeting my needs
4) Remove BIND from the machine becouse the DNS is the same that I use for internet

Relate to point 3
If I want to administrate the ZIMBRA in local machine only locally can I don't open the related port?
I mean for a correct local operation wich ports I can keep closed?

phoenix · #8 (**permalink**) 10-14-2010, 03:37 AM

Quote:

Originally Posted by Antonio Mercurio

So I think I have to do this
1) create a domain like posta.mydomain.tld
2) Point it to the pubblic ip of the machine
3) Edit the nat for meeting my needs
4) Remove BIND from the machine becouse the DNS is the same that I use for internet

If all you want to do is get the email into a local Zimbra server then you should not need to do any of the steps above.

To get the email (what sort of email traffic are you getting?) into Zimbra you can do one of two things, use a product called Fetchmail (or getmail, it's a slightly better product IMO) eithr of those should be on your Linux distribution or use the function of Zimbra that allows an account to get the email from an external account. Which is the best for you would depend on the email traffic you get on a daily basis. and whether you want all the mail delivered to one account or to the correct recipient. You'll have to investigate the use of fetchmail yourself, it's not a Zimbra supplied program although there are several discussions in the forum on using it.

If you install behind a NAT router then you will need a Split DNS set-up that points to the LAN IP address of that server - it's a requirement of Postfix so mail will get delivered.

Is this Zimbra server on a VM or on real hardware and what's the specifications of that server (and the RAM for Zimbra)?

Quote:

Originally Posted by Antonio Mercurio

Relate to point 3
If I want to administrate the ZIMBRA in local machine only locally can I don't open the related port?
I mean for a correct local operation wich ports I can keep closed?

If all you're running is a Zimbra server on the LAN without direct mail delivery from outside then you need not open any external ports except for the port required for Web UI access (again assuming that's what you want).

Antonio Mercurio · #9 (**permalink**) 10-14-2010, 10:35 PM

Quote:

Originally Posted by phoenix

If all you want to do is get the email into a local Zimbra server then you should not need to do any of the steps above.

To get the email (what sort of email traffic are you getting?)

We have 45 mailboxes with a mountly traffic of 800M/2G of messages ( a lot of attaches in incoming)
We have 10 employers and 10 agents that comes in office so I'll need ZIMBRA with 25 Accounts.

I don't need to use ZIMBRA outside the office ( for now) and I woul like that the users can receive and send emails accessing from a single interface on network and ZIMBRA mets my needs.

For example: i have on external web info@ext name1@ext and name2@ext mailboxes and in Zimbra I've the accoun antonio.mercurio@localmachine

I want to gather the email from the 3 mailboxes, reply to each mail using the mail domain correct (if is possible), and send emails using a single "from" or "replyto"

I've seen in ZIMBRA (demo) and in the installed function that is fully functional exept for gathering mail from other an external domain.

Also, becouse I'm going to send a lot of mails (not spamming!), I think is better that the mail.server can be found by others system for not going to set my machine as a spam server

Quote:

Originally Posted by phoenix

into Zimbra you can do one of two things, use a product called Fetchmail (or getmail, it's a slightly better product IMO) eithr of those should be on your Linux distribution or use the function of Zimbra that allows an account to get the email from an external account. Which is the best for you would depend on the email traffic you get on a daily basis. and whether you want all the mail delivered to one account or to the correct recipient. You'll have to investigate the use of fetchmail yourself, it's not a Zimbra supplied program although there are several discussions in the forum on using it.

I know getmail, but I think that using it will be like a double use for a function that is already in ZIMBRA. I mean, I don't need emails gathered every five minutes. If one of the employers or one of the agents connects to Zimbra, then the secondary email will be downloaded by Zimbra itself.

I'll consider getmail later but now the only problem that I'm triing to solve is that: I can't connect zimbra accounts to external mail domain

Quote:

Originally Posted by phoenix

Is this Zimbra server on a VM or on real hardware and what's the specifications of that server (and the RAM for Zimbra)?

I've an old compaQ server (Compaq ProLiant ML350 with two Intel Pentium III 1.26 GHz and 2 Giga RAM)for testing but I'll install on another machine ( Dual-Core Intel® Xeon® Processor 5150 4 Giga RAM) and the machine will be dedicated for SAMBA and, I hope, For ZIMBRA.

Antonio Mercurio · #10 (**permalink**) 11-15-2010, 11:25 PM

Hello.

I'm still triing the install of Zimbra on our local machine.

At this time i didn't split the DNS but i can't send and receive mail.

I've registered a domain that points to the pubblic IP of the network and, in the router I've forwarded the pubblic IP services needed by zimbra to the ports related to the machine that i use as Zimbra exclusive server but I cant send and receive email.

.. any suggestions?

Zimbra

Downloads

Product Information

Toolbox

Why Join?