11-07-2010, 12:41 PM
Having problems with internal-only install
Hello, I'm running the Zimbra Ubuntu appliance. I've set up split DNS and am having problems with receiving mail. I believe it's in my BIND9 config. I do not want this machine to have access to the outside world.
Here are my settings. I would really appreciate some help. The end goal is to have an internal-LAN only email/webmail server that other test machines can send emails to OR use as an external (to them) SMTP server to deliver mail to accounts on the internal-only Zimbra server.
Please give me your thoughts. I'd be happy to provide more info. Domain name obfuscated to "my.domain"
I can send and receive emails internally only on the "my.domain" account via Zimbra webmail.
named.conf
Code:
zone "localhost" {
type master;
file "/etc/bind/db.local";
};
zone "127.in-addr.arpa" {
type master;
file "/etc/bind/db.127";
};
zone "0.in-addr.arpa" {
type master;
file "/etc/bind/db.0";
};
zone "255.in-addr.arpa" {
type master;
file "/etc/bind/db.255";
};
zone "my.domain" {
type master;
file "/etc/bind/db.my.domain";
};
/etc/hosts
Code:
127.0.0.1 localhost mail.example.com
127.0.1.1 zimbra
192.168.246.165 my.domain hostname
/etc/bind/db.my.domain BIND entry
Code:
;
; Addresses and other host information.
;
@ IN SOA my.domain. hostmaster.my.domain. (
10118 ; Serial
43200 ; Refresh
3600 ; Retry
3600000 ; Expire
2592000 ) ; Minimum
; Define the nameservers and the mail servers
IN NS 192.168.246.165
IN A 192.168.246.165
IN MX 10 my.domain
11-07-2010, 11:01 PM
Zimbra Consultant & Moderator
Posts: 20,317
Your hosts file is completely wrong, the format is described in the Quick Start Installation Guide (link to Docs at the top of this page) and all over the forums.
Go to the Split DNS article and you'll find details of the requirements of the set-up including the hosts file, run the commands in the 'Verify...' section of that article to confirm it's working correctly.
__________________
Regards
Bill
11-08-2010, 11:20 AM
All I want is a simple, intranet only webmail server. Do I need Split DNS for that? I worked on this for hours. Ubuntu server keeps on overwriting my resolv.conf, Zimbra slapd errors out so that Zimbra won't even start, it's extremely frustrating.
11-08-2010, 12:22 PM
Zimbra Consultant & Moderator
Posts: 20,317
Quote:
Originally Posted by LittleLebowski: All I want is a simple, intranet only webmail server. Do I need Split DNS for that?
Yes, you do need it as Postfix does a DNS lookup to deliver email.
Quote:
Originally Posted by LittleLebowski: I worked on this for hours. Ubuntu server keeps on overwriting my resolv.conf, Zimbra slapd errors out so that Zimbra won't even start, it's extremely frustrating.
That's because you don't have the correct DNS records and possibly the hosts file is incorrect. It should be fairly straightforward to set-up, there's even an Ubuntu 'how to' for split DNS in the wiki.
__________________
Regards
Bill
11-08-2010, 03:20 PM
Ubuntu 10.04 Server
192.168.246.165 is the box's IP address.
Code:
cat /etc/hostname
fakedomain.com
Code:
cat /etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.246.165 mail.fakedomain.com mail
Code:
cat /etc/bind/named.conf.options
options {
directory "/var/cache/bind";
// If there is a firewall between you and nameservers you want
// to talk to, you may need to fix the firewall to allow multiple
// ports to talk. See http://www.kb.cert.org/vuls/id/800113
// If your ISP provided one or more IP addresses for stable
// nameservers, you probably want to use them as forwarders.
// Uncomment the following block, and insert the addresses replacing
// the all-0's placeholder.
forwarders {
192.168.246.165;
};
auth-nxdomain no; # conform to RFC1035
listen-on-v6 { any; };
};
zone "fakedomain.com" {
type master;
file "/var/cache/bind/db.23";
};
Code:
cat /etc/bind/db.23
;
; Addresses and other host information.
;
@ IN SOA cdbamail.gov. hostmaster.cdbamail.gov. (
10118 ; Serial
43200 ; Refresh
3600 ; Retry
3600000 ; Expire
2592000 ) ; Minimum
; Define the nameservers and the mail servers
IN NS 192.168.246.165
IN A 192.168.246.165
IN MX 10 fakedomain.com
Code:
cat /etc/resolv.conf
nameserver 192.168.246.165
domain fakedomain.com
search fakedomain.com
Code:
dig fakedomain.gov mx
; <<>> DiG 9.7.0-P1 <<>> fakedomain.com mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 49359
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;fakedomain.com. IN MX
;; Query time: 0 msec
;; SERVER: 192.168.246.165#53(192.168.246.165)
;; WHEN: Mon Nov 8 18:18:40 2010
;; MSG SIZE rcvd: 30
11-08-2010, 11:35 PM
Zimbra Consultant & Moderator
Posts: 20,317
If you think about it, there's no place in your /etc/bind/db.23 config file that DNS can determine the IP address of your mail server. Unfortunately, at some time, the Split DNS article seems to have either been modified or had an incorrect entry for the DNS config from the start.
In short, the A record is incorrect. I've modified the article, check it again and modify your file to match the one in the article.
__________________
Regards
Bill
11-09-2010, 10:26 AM
OK, here's my db.23 file. Still does not work. I appreciate your help very much.
Code:
;
; Addresses and other host information.
;
@ IN SOA fakedomain.com. hostmaster.fakedomain.com. (
10118 ; Serial
43200 ; Refresh
3600 ; Retry
3600000 ; Expire
2592000 ) ; Minimum
; Define the nameservers and the mail servers
IN NS 192.168.246.165
IN MX 10 fakedomain.com
mail IN A 192.168.246.165
11-09-2010, 10:44 AM
Zimbra Consultant & Moderator
Posts: 20,317
Are your firewall and AppArmor disabled on this server? Please post the output of the two dig commands and the host command from the Split DNS 'Verify..' section.
Your MX record isn't in the correct format as shown in the article, you have:
Code:
IN MX 10 fakedomain.com
when it should be:
Code:
IN MX 10 mail.fakedomain.com.
It should be the FQDN of your Zimbra server, and note the '.' (period) after the domain name, it is important in BIND.
__________________
Regards
Bill
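An added example, not part of the original posts: a small Python check for the zone-file problems discussed in this thread (an MX target written without the trailing dot, and no A record for the mail host). It goes slightly beyond the thread by also flagging an NS target that is an IP address, since NS rdata must be a host name. The zone text is a constructed sample modelled on the db.23 posted above, and using mail.fakedomain.com. as the NS name in FIXED is an assumption.

```python
import ipaddress

def absolute(name, origin):
    """Expand a zone-file name the way BIND does: no trailing dot means relative."""
    if name == "@":
        return origin
    return (name if name.endswith(".") else f"{name}.{origin}").lower()

def parse_zone(text, origin):
    """Return (owner, type, rdata) tuples; handles comments, ( ) and inherited owners."""
    records, owner, pending = [], origin, ""
    for raw in text.splitlines():
        pending += raw.split(";", 1)[0] + " "
        if not pending.strip() or pending.count("(") > pending.count(")"):
            pending = pending if pending.strip() else ""
            continue
        inherits = pending[0].isspace()  # leading blank: reuse previous owner
        fields = pending.replace("(", " ").replace(")", " ").split()
        pending = ""
        if not inherits:
            owner = absolute(fields.pop(0), origin)
        while fields[0].isdigit() or fields[0].upper() == "IN":
            fields.pop(0)  # skip optional TTL and class
        records.append((owner, fields[0].upper(), fields[1:]))
    return records

def lint(text, origin):
    records = parse_zone(text, origin)
    have_addr = {o for o, t, _ in records if t in ("A", "AAAA")}
    findings = []
    for _, rtype, rdata in records:
        if rtype not in ("NS", "MX"):
            continue
        target = rdata[-1]
        try:
            ipaddress.ip_address(target)
            findings.append(f"{rtype} target {target} is an IP address, not a host name")
            continue
        except ValueError:
            pass
        full = absolute(target, origin)
        if "." in target and not target.endswith("."):
            findings.append(f"{rtype} target {target} lacks a trailing dot, expands to {full}")
        if full.endswith(origin) and full not in have_addr:
            findings.append(f"{rtype} target {full} has no A/AAAA record in this zone")
    return findings

SOA = "@ IN SOA fakedomain.com. hostmaster.fakedomain.com. (\n 10118 43200 3600\n 3600000 2592000 ) ; constructed\n"
BROKEN = SOA + " IN NS 192.168.246.165\n IN MX 10 fakedomain.com\nmail IN A 192.168.246.165\n"  # constructed
FIXED = SOA + " IN NS mail.fakedomain.com.\n IN MX 10 mail.fakedomain.com.\nmail IN A 192.168.246.165\n"  # constructed
```

Calling `lint(BROKEN, "fakedomain.com.")` returns three findings, while `lint(FIXED, "fakedomain.com.")` returns an empty list.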
11-09-2010, 12:49 PM
Bill, I appreciate your help with my sloth and ineptitude.
I added the missing period to the db.23 file. Checked permissions as well.
Code:
dig fakedomain.com any
; <<>> DiG 9.7.0-P1 <<>> fakedomain.com any
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: SERVFAIL, id: 9822
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0
;; QUESTION SECTION:
;fakedomain.com IN ANY
;; Query time: 0 msec
;; SERVER: 192.168.246.165#53(192.168.246.165)
;; WHEN: Tue Nov 9 15:32:51 2010
;; MSG SIZE rcvd: 30
Code:
host $(hostname)
Host fakedomain.com.fakedomain.com not found: 2(SERVFAIL)
11-09-2010, 07:24 PM
Bill was telling you what the problem is; your hostname and hosts should be like this:
/etc/hosts
127.0.0.1 localhost.localdomain localhost
192.168.246.165 fakedomain.gov fakedomain
Edit your hostname to FQDN of your mx record:
# echo fakedomain.gov > /etc/hostname
Remember if you're using "mail.fakedomain.com" in /etc/hosts make sure mail.fakedomain.com is FQDN