[SOLVED] Migration 6.04 32bit to 64bit step-by-step and cannot receive mails

[adrian15]

I am going to explain here my migration, with normal migration steps, ssh port setup and certificates setup. After that I will explain some configuration that I need on my particular situation.

And, well, the result of all of this is that I can receive external emails in the first minutes or so and then I cannot longer receive emails.

Senders get this error:

Code:

554 554 <user@domain.com>: Relay access denied (state 14).

So, please help me solving this error. I am ready to offer you any configuration or command output that you want.

Thank you.

Hopefully this step-by-step 32bit to 64bit migration will be useful for someone.


I - MIGRATION

My migration is based on this document: Network Edition: Moving from 32-bit to 64-bit Server - Zimbra :: Wiki
(I tried other four howtos on blogs and forums and none of them worked for me).


Source pc I have a 6.04 32-bit Debian 5 Zimbra installation.
Destination pc is going to be 6.04 64-bit Debian 5 Zimbra installation.

1) I have made the ldap dump (/opt/zimbra/libexec/zmslapcat /backup) which it is found in the destination pc at /tmp/ldap.bak.

2) zmcontrol stop as zimbra user

3) Backup /opt/zimbra


I have done a tar.gz of the /opt/zimbra directory contents in the source pc.

Code:

cd /opt
tar czf /tmp/zimbra_migration.tar.gz zimbra

This tar.gz from the source pc has been untarred in /tmp/zimbra in the destination pc.

Code:

cd /tmp
tar xzf /home/user/zimbra_migration.tar.gz

4) ZCSLicense.xml copy - Skipped.

5) I install 6.04 64 bit Debian 5 in destination pc with the same passwords, packages, spam and ham training accounts and settings than in the source pc.

Code:

mkdir /tmp/604installation
cd /tmp/604installation
wget "http://files2.zimbra.com/downloads/6.0.4_GA/zcs-6.0.4_GA_2038.DEBIAN5_64.20091214195434.tgz"
tar xzf zcs-6.0.4_GA_2038.DEBIAN5_64.20091214195434.tgz
cd zcs-6.0.4_GA_2038.DEBIAN5_64.20091214195434
./install.sh

6) I stop ZCS services in the destination pc.

Code:

zmcontrol stop

7) At destination pc I am going to restore ldap data.
7.1) Delete hdb data.

Code:

rm -rf /opt/zimbra/data/ldap/hdb/*

7.2) Ldap with replicas (Skipped).
7.3)

Code:

mkdir -p /opt/zimbra/data/ldap/hdb/db /opt/zimbra/data/ldap/hdb/logs

7.4) Ldap with replicas (Skipped).
7.5)

Code:

cp /tmp/zimbra/data/ldap/hdb/db/DB_CONFIG /opt/zimbra/data/ldap/hdb/db/DB_CONFIG

7.6)

Code:

chown -R zimbra:zimbra /opt/zimbra/data/ldap

(As root user and come back as zimbra user)
7.7)

Code:

/opt/zimbra/openldap/sbin/slapadd -q -b "" -F /opt/zimbra/data/ldap/config -cv -l /tmp/ldap.bak

8)

Code:

nano /opt/zimbra/conf/localconfig.xml

and I update all the passwords to match localconfig.xml from the old installation.

9)

Code:

rm -rf /opt/zimbra/db/data/*
cp -r /tmp/zimbra/db/data/* /opt/zimbra/db/data/

10) Copy store and index directories.

Code:

cp -r /tmp/zimbra/store/* /opt/zimbra/store/
cp -r /tmp/zimbra/index/* /opt/zimbra/index/

11) Commercial certificates copy. Skipped.

12)

Code:

rm -rf /opt/zimbra/redolog/*

13) (As root)

Code:

/opt/zimbra/libexec/zmfixperms

14) Start ZCS

Code:

zmcontrol start

15) Backup. Skipped.
16) Firewall. Skipped.

II- Minimal caveats fix

After starting ZCS I get a: zmmailboxdctl is not running when running zmcontrol status.

1) Let's solve any ssh port (mine is not standard 22) problem.

Code:

zmprov -l ms fake.domain.com zimbraRemoteManagementPort 2425

Code:

cd /opt/zimbra/bin/
./zmsshkeygen
./zmupdateauthkeys

And run as root:

Code:

/etc/init.d/ssh force-reload

2) Let's solve certificate problem. Remember that I have skipped the certificate migration step. (Run commands as root)

Code:

mv /opt/zimbra/mailboxd/etc/keystore \
/opt/zimbra/mailboxd/etc/keystore_REMOVED

/opt/zimbra/bin/zmcertmgr createca -new

/opt/zimbra/bin/zmcertmgr createcrt -new


/opt/zimbra/bin/zmcertmgr deploycrt self

/opt/zimbra/java/bin/keytool -import -alias root \
-keystore /opt/zimbra/java/jre/lib/security/cacerts \
-storepass changeit -file /opt/zimbra/conf/ca/ca.pem

Now we can do:

Code:

zmcontrol stop
zmcontrol start

III - Some needed setup (for my particular situation)
https://mail.domain.com:7071/zimbraAdmin/

* General setup. MTA. Network. Retransmission MTA for external delivery. (I remove it).
* General setup. MTA. Network. MTA server names in Internet: (I remove it).
* General setup. MTA. Network. Internal SMTP hostname: I remove it.
* General setup. MTA. Network. Protocol checks. I uncheck every one of them because I want to receive every mail.
* General setup. MTA. Authentication. I uncheck Only TLS authentication (I have learnt that if it is checked I cannot receive any external emails, please correct me if I am worng).
* Servers. fake.domain.com. MTA. Network. MTA server names in Internet: (I remove it).
* Servers. fake.domain.com. MTA. MTATrustNetworks. I edit it so that the new external ip is set as trust. 11.22.33.44/32.

* Domains. domain.com . Virtual servers. Update with the new virtual server.

IV - Zimbra restart
(As zimbra user)

Code:

zmcontrol stop
zmcontrol start

[uxbod]

As you appear to have put your email address in the thread; I tried sending a email through your server and it was accepted okay

Code:

Subject: Zimbra Test
This is a test from uxbod on the Zimbra forums.
.
250 2.0.0 Ok: queued as B425416B72
quit
221 2.0.0 Bye

Have you resolved your issue already ?

[adrian15]

Quote:

Originally Posted by uxbod

As you appear to have put your email address in the thread; I tried sending a email through your server and it was accepted okay

Code:

Subject: Zimbra Test
This is a test from uxbod on the Zimbra forums.
.
250 2.0.0 Ok: queued as B425416B72
quit
221 2.0.0 Bye

Oh, wait, I did not want to make my email public.

Quote:

Originally Posted by uxbod

Have you resolved your issue already ?

I only did:

Quote:

zmcontrol stop

then a tar of the current /opt/zimbra directory and then

Quote:

zmcontrol start

Your email was received ok.
But this morning I have just got another 554 error when sending an email from from my gmail account.

adrian15

[adrian15]

Quote:

Originally Posted by uxbod

Have you resolved your issue already ?

I think I might have found something on /var/log/zimbra.log file. I just need someone to interpret it.

This is what happens when a mail is received ok:

Code:

Apr  2 13:15:32 r29558 zmmailboxdmgr[15362]: status requested
Apr  2 13:15:32 r29558 zmmailboxdmgr[15362]: status OK
Apr  2 13:15:32 r29558 postfix/smtpd[15360]: connect from mail-bw0-f213.google.com[209.85.218.213]
Apr  2 13:15:33 r29558 postfix/smtpd[15360]: 51AC716B72: client=mail-bw0-f213.google.com[209.85.218.213]
Apr  2 13:15:33 r29558 postfix/cleanup[15394]: 51AC716B72: message-id=<4BB5D1C5.1090003@gmail.com>
Apr  2 13:15:33 r29558 postfix/qmgr[11610]: 51AC716B72: from=<sourceuser@gmail.com>, size=2213, nrcpt=1 (queue active)
Apr  2 13:15:33 r29558 amavis[8357]: (08357-15) ESMTP::10024 /opt/zimbra/data/amavisd/tmp/amavis-20100402T024627-08357: <sourceuser@gmail.com> -> <destuser@domain.com> SIZE=2213 Received: from zimbra.cumulus.lan ([127.0.0.1]) by localhost (zimbra.cumulus.lan [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <destuser@domain.com>; Fri,  2 Apr 2010 13:15:33 +0200 (CEST)
Apr  2 13:15:33 r29558 amavis[8357]: (08357-15) Checking: fh+W+G7adw3x [209.85.218.213] <sourceuser@gmail.com> -> <destuser@domain.com>
Apr  2 13:15:34 r29558 postfix/smtpd[15398]: connect from localhost.localdomain[127.0.0.1]
Apr  2 13:15:34 r29558 postfix/smtpd[15398]: 9F33916C4D: client=localhost.localdomain[127.0.0.1]
Apr  2 13:15:34 r29558 postfix/cleanup[15394]: 9F33916C4D: message-id=<4BB5D1C5.1090003@gmail.com>
Apr  2 13:15:35 r29558 postfix/smtpd[15398]: disconnect from localhost.localdomain[127.0.0.1]
Apr  2 13:15:35 r29558 postfix/qmgr[11610]: 9F33916C4D: from=<sourceuser@gmail.com>, size=3051, nrcpt=1 (queue active)
Apr  2 13:15:35 r29558 amavis[8357]: (08357-15) FWD via SMTP: <sourceuser@gmail.com> -> <destuser@domain.com>,BODY=7BIT 250 2.0.0 Ok, id=08357-15, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9F33916C4D
Apr  2 13:15:35 r29558 amavis[8357]: (08357-15) Passed CLEAN, [209.85.218.213] [88.30.238.127] <sourceuser@gmail.com> -> <destuser@domain.com>, Message-ID: <4BB5D1C5.1090003@gmail.com>, mail_id: fh+W+G7adw3x, Hits: 4.188, size: 2213, queued_as: 9F33916C4D, dkim_id=@gmail.com,sourceuser@gmail.com, 1242 ms
Apr  2 13:15:35 r29558 postfix/smtp[15395]: 51AC716B72: to=<destuser@domain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.7, delays=0.49/0/0/1.2, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=08357-15, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9F33916C4D)
Apr  2 13:15:35 r29558 postfix/qmgr[11610]: 51AC716B72: removed
Apr  2 13:15:35 r29558 postfix/lmtp[15399]: 9F33916C4D: to=<destuser@domain.com>, relay=zimbra.cumulus.lan[188.165.52.252]:7025, delay=1.1, delays=0.38/0.01/0/0.68, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
Apr  2 13:15:35 r29558 postfix/qmgr[11610]: 9F33916C4D: removed
Apr  2 13:16:03 r29558 postfix/smtpd[15360]: disconnect from mail-bw0-f213.google.com[209.85.218.213]
Apr  2 13:16:05 r29558 zmmailboxdmgr[15767]: status requested
Apr  2 13:16:05 r29558 zmmailboxdmgr[15767]: status OK

And this is what happens when I get a 554 in gmail:

Code:

Apr  2 13:20:01 r29558 postfix/pickup[20265]: 6DFF216C4D: uid=1002 from=<zimbra>
Apr  2 13:20:01 r29558 postfix/cleanup[20339]: 6DFF216C4D: message-id=<20100402112001.6DFF216C4D@zimbra.cumulus.lan>
Apr  2 13:20:01 r29558 postfix/qmgr[11610]: 6DFF216C4D: from=<zimbra@zimbra.cumulus.lan>, size=450, nrcpt=1 (queue active)
Apr  2 13:20:01 r29558 postfix/pickup[20265]: BC2E916B72: uid=1002 from=<zimbra>
Apr  2 13:20:01 r29558 postfix/cleanup[20339]: BC2E916B72: message-id=<20100402112001.BC2E916B72@zimbra.cumulus.lan>
Apr  2 13:20:01 r29558 zimbramon[20351]: 20351:info: 2010-04-02 13:20:01, QUEUE: 1 3
Apr  2 13:20:01 r29558 amavis[8359]: (08359-07) ESMTP::10024 /opt/zimbra/data/amavisd/tmp/amavis-20100402T061002-08359: <zimbra@zimbra.cumulus.lan> -> <destuser@domain.com> SIZE=450 Received: from zimbra.cumulus.lan ([127.0.0.1]) by localhost (zimbra.cumulus.lan [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <destuser@domain.com>; Fri,  2 Apr 2010 13:20:01 +0200 (CEST)
Apr  2 13:20:01 r29558 amavis[8359]: (08359-07) Checking: Tp2ElDyvUoyQ <zimbra@zimbra.cumulus.lan> -> <destuser@domain.com>
Apr  2 13:20:01 r29558 clamd[8848]: SelfCheck: Database status OK.
Apr  2 13:20:02 r29558 postfix/smtpd[20490]: connect from localhost.localdomain[127.0.0.1]
Apr  2 13:20:02 r29558 postfix/smtpd[20490]: 0E88B16C4F: client=localhost.localdomain[127.0.0.1]
Apr  2 13:20:02 r29558 postfix/cleanup[20455]: 0E88B16C4F: message-id=<20100402112001.6DFF216C4D@zimbra.cumulus.lan>
Apr  2 13:20:02 r29558 postfix/qmgr[11610]: 0E88B16C4F: from=<zimbra@zimbra.cumulus.lan>, size=1121, nrcpt=1 (queue active)
Apr  2 13:20:02 r29558 postfix/qmgr[11610]: BC2E916B72: from=<zimbra@zimbra.cumulus.lan>, size=453, nrcpt=1 (queue active)
Apr  2 13:20:02 r29558 amavis[8363]: (08363-12) ESMTP::10024 /opt/zimbra/data/amavisd/tmp/amavis-20100402T032001-08363: <zimbra@zimbra.cumulus.lan> -> <destuser@domain.com> SIZE=453 Received: from zimbra.cumulus.lan ([127.0.0.1]) by localhost (zimbra.cumulus.lan [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <destuser@domain.com>; Fri,  2 Apr 2010 13:20:02 +0200 (CEST)
Apr  2 13:20:02 r29558 amavis[8363]: (08363-12) Checking: nwjPDet3zaqn <zimbra@zimbra.cumulus.lan> -> <destuser@domain.com>
Apr  2 13:20:02 r29558 postfix/smtpd[20490]: disconnect from localhost.localdomain[127.0.0.1]
Apr  2 13:20:02 r29558 amavis[8359]: (08359-07) FWD via SMTP: <zimbra@zimbra.cumulus.lan> -> <destuser@domain.com>,BODY=7BIT 250 2.0.0 Ok, id=08359-07, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 0E88B16C4F
Apr  2 13:20:02 r29558 amavis[8359]: (08359-07) Passed CLEAN, <zimbra@zimbra.cumulus.lan> -> <destuser@domain.com>, Message-ID: <20100402112001.6DFF216C4D@zimbra.cumulus.lan>, mail_id: Tp2ElDyvUoyQ, Hits: 3.114, size: 450, queued_as: 0E88B16C4F, 774 ms
Apr  2 13:20:02 r29558 postfix/smtp[20454]: 6DFF216C4D: to=<destuser@domain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.4, delays=0.65/0.01/0/0.77, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=08359-07, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 0E88B16C4F)
Apr  2 13:20:02 r29558 postfix/qmgr[11610]: 6DFF216C4D: removed
Apr  2 13:20:02 r29558 postfix/smtpd[20490]: connect from localhost.localdomain[127.0.0.1]
Apr  2 13:20:02 r29558 postfix/smtpd[20490]: 9739C16C4D: client=localhost.localdomain[127.0.0.1]
Apr  2 13:20:02 r29558 postfix/cleanup[20339]: 9739C16C4D: message-id=<20100402112001.BC2E916B72@zimbra.cumulus.lan>
Apr  2 13:20:02 r29558 postfix/smtpd[20490]: disconnect from localhost.localdomain[127.0.0.1]
Apr  2 13:20:02 r29558 amavis[8363]: (08363-12) FWD via SMTP: <zimbra@zimbra.cumulus.lan> -> <destuser@domain.com>,BODY=7BIT 250 2.0.0 Ok, id=08363-12, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9739C16C4D
Apr  2 13:20:02 r29558 amavis[8363]: (08363-12) Passed CLEAN, <zimbra@zimbra.cumulus.lan> -> <destuser@domain.com>, Message-ID: <20100402112001.BC2E916B72@zimbra.cumulus.lan>, mail_id: nwjPDet3zaqn, Hits: 3.115, size: 453, queued_as: 9739C16C4D, 550 ms
Apr  2 13:20:02 r29558 postfix/smtp[20543]: BC2E916B72: to=<destuser@domain.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=1.2, delays=0.68/0.01/0/0.55, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=08363-12, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9739C16C4D)
Apr  2 13:20:02 r29558 postfix/qmgr[11610]: 9739C16C4D: from=<zimbra@zimbra.cumulus.lan>, size=1124, nrcpt=1 (queue active)
Apr  2 13:20:02 r29558 postfix/qmgr[11610]: BC2E916B72: removed
Apr  2 13:20:03 r29558 postfix/lmtp[20542]: 0E88B16C4F: to=<destuser@domain.com>, relay=zimbra.cumulus.lan[188.165.52.252]:7025, delay=1.2, delays=0.15/0.01/0.01/1, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
Apr  2 13:20:03 r29558 postfix/qmgr[11610]: 0E88B16C4F: removed
Apr  2 13:20:03 r29558 postfix/lmtp[20575]: 9739C16C4D: to=<destuser@domain.com>, relay=zimbra.cumulus.lan[188.165.52.252]:7025, delay=0.86, delays=0.18/0.01/0/0.67, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
Apr  2 13:20:03 r29558 postfix/qmgr[11610]: 9739C16C4D: removed

Some other message logs that might be interesting (although I don't think so):

Code:

Apr  2 13:18:19 r29558 zmmailboxdmgr[18955]: status requested
Apr  2 13:18:19 r29558 zmmailboxdmgr[18955]: status OK
Apr  2 13:19:23 r29558 postfix/anvil[15381]: statistics: max connection rate 1/60s for (smtp:209.85.218.213) at Apr  2 13:15:32
Apr  2 13:19:23 r29558 postfix/anvil[15381]: statistics: max connection count 1 for (smtp:209.85.218.213) at Apr  2 13:15:32
Apr  2 13:19:23 r29558 postfix/anvil[15381]: statistics: max cache size 1 at Apr  2 13:15:32
Apr  2 13:19:42 r29558 zmmailboxdmgr[20230]: status requested
Apr  2 13:19:42 r29558 zmmailboxdmgr[20230]: status OK

Some log details:

domain.com is the main mail domain.
sourceuser is my gmail account username.
destuser is my domain.com username.
zimbra.cumulus.lan is a fake domain (split dns).

So Do you have any idea of what it is happening?

adrian15

[adrian15]

Here there is the tunning that I have done so far (in order to improve overall performance):

Code:

zmlocalconfig -e zmmtaconfig_interval=3600 
zmlocalconfig -e zmdisklog_critical_threshold=95
zmlocalconfig -e zmdisklog_warn_threshold=92
zmlocalconfig -e zmstat_disk_interval=3600

I edit /opt/zimbra/conf/amavisd.conf.in and change:

Code:

$max_servers = 1;

(instead of 10).

And there is a file found at: /opt/zimbra/log/stacktrace.11796.20100402185936 (with other four stack trace files) which says (I have cut some lines if you need the big file ask me to attach it to the post):

Code:

zmthrdump: Requested thread dump [PID 6892] at Fri Apr  2 18:59:36 2010
Full thread dump Java HotSpot(TM) 64-Bit Server VM (14.2-b01 mixed mode):

"DestroyJavaVM" prio=10 tid=0x00007ff35c3c4000 nid=0x1aee waiting on condition [0x0000000000000000]
   java.lang.Thread.State: RUNNABLE

"Timer-5" daemon prio=10 tid=0x00007ff35c3cd800 nid=0x1b76 in Object.wait() [0x00000000418db000]
   java.lang.Thread.State: TIMED_WAITING (on object monitor)
	at java.util.TimerThread.run(Timer.java:462)

"Timer-4" daemon prio=10 tid=0x00007ff35c3c1000 nid=0x1b74 in Object.wait() [0x0000000040cff000]
   java.lang.Thread.State: TIMED_WAITING (on object monitor)
	at java.util.TimerThread.run(Timer.java:462)

"Timer-3" daemon prio=10 tid=0x00007ff35c20c000 nid=0x1b73 in Object.wait() [0x0000000041de3000]
   java.lang.Thread.State: TIMED_WAITING (on object monitor)
	at java.util.TimerThread.run(Timer.java:462)

"Thread-45" daemon prio=10 tid=0x00007ff362c86800 nid=0x1b71 waiting on condition [0x000000004189a000]
   java.lang.Thread.State: TIMED_WAITING (sleeping)
	at org.apache.log4j.helpers.FileWatchdog.run(FileWatchdog.java:104)

"threads.csv" prio=10 tid=0x00007ff3641c6000 nid=0x1b70 waiting on condition [0x0000000040e48000]
   java.lang.Thread.State: TIMED_WAITING (sleeping)
	at java.lang.Thread.run(Thread.java:619)

"pop3.csv" prio=10 tid=0x00007ff3641c4000 nid=0x1b6f waiting on condition [0x0000000040f5f000]
   java.lang.Thread.State: TIMED_WAITING (sleeping)
	at java.lang.Thread.run(Thread.java:619)

"imap.csv" prio=10 tid=0x00007ff364a42800 nid=0x1b6e waiting on condition [0x0000000040cbe000]
   java.lang.Thread.State: TIMED_WAITING (sleeping)
	at java.lang.Thread.run(Thread.java:619)

"soap.csv" prio=10 tid=0x00007ff3640b2000 nid=0x1b6d waiting on condition [0x0000000041702000]
   java.lang.Thread.State: TIMED_WAITING (sleeping)
	at java.lang.Thread.run(Thread.java:619)

"mailboxd.csv" prio=10 tid=0x00007ff3641cb000 nid=0x1b6c waiting on condition [0x0000000040689000]
   java.lang.Thread.State: TIMED_WAITING (sleeping)
	at java.lang.Thread.run(Thread.java:619)

"MailboxPurge" prio=10 tid=0x00007ff36502f800 nid=0x1b6b waiting on condition [0x000000004082c000]
   java.lang.Thread.State: TIMED_WAITING (sleeping)
	at com.zimbra.cs.mailbox.PurgeThread.run(PurgeThread.java:120)

"ScheduledTask-3" daemon prio=10 tid=0x00007ff36502f000 nid=0x1b6a waiting on condition [0x0000000040648000]
   java.lang.Thread.State: TIMED_WAITING (parking)
	at java.lang.Thread.run(Thread.java:619)

"ScheduledTask-2" daemon prio=10 tid=0x00007ff3648e5000 nid=0x1b69 waiting on condition [0x0000000040c7d000]
   java.lang.Thread.State: TIMED_WAITING (parking)
	at java.lang.Thread.run(Thread.java:619)

"ScheduledTask-1" daemon prio=10 tid=0x00007ff3648e4000 nid=0x1b68 waiting on condition [0x0000000041442000]
   java.lang.Thread.State: TIMED_WAITING (parking)
	at java.lang.Thread.run(Thread.java:619)

"ImapSSLServer" prio=10 tid=0x00007ff3642af000 nid=0x1b5c runnable [0x0000000040ae9000]
   java.lang.Thread.State: RUNNABLE
	at java.lang.Thread.run(Thread.java:619)

"ImapServer" prio=10 tid=0x00007ff36424d000 nid=0x1b5b runnable [0x000000004101b000]
   java.lang.Thread.State: RUNNABLE
	at java.lang.Thread.run(Thread.java:619)

"Pop3SSLServer" prio=10 tid=0x00007ff364236800 nid=0x1b5a runnable [0x0000000041bda000]
   java.lang.Thread.State: RUNNABLE
	at java.lang.Thread.run(Thread.java:619)

"LmtpServer" prio=10 tid=0x00007ff36422b800 nid=0x1b59 runnable [0x0000000040470000]
   java.lang.Thread.State: RUNNABLE
	at java.lang.Thread.run(Thread.java:619)

"pool-3-thread-1" prio=10 tid=0x00007ff364195000 nid=0x1b58 waiting on condition [0x0000000041d26000]
   java.lang.Thread.State: TIMED_WAITING (parking)
	at java.lang.Thread.run(Thread.java:619)

"SocketAcceptor-2" daemon prio=10 tid=0x00007ff3641f1000 nid=0x1b55 runnable [0x00000000412bb000]
   java.lang.Thread.State: RUNNABLE
	at java.lang.Thread.run(Thread.java:619)

"SocketAcceptor-1" daemon prio=10 tid=0x00007ff3637ee000 nid=0x1b54 runnable [0x00000000416c1000]
   java.lang.Thread.State: RUNNABLE
	at java.lang.Thread.run(Thread.java:619)

"SocketAcceptor-0" daemon prio=10 tid=0x00007ff35c020000 nid=0x1b53 runnable [0x0000000041401000]
   java.lang.Thread.State: RUNNABLE
	at java.lang.Thread.run(Thread.java:619)

"SocketSendingTracker" daemon prio=10 tid=0x00007ff364330000 nid=0x1b52 in Object.wait() [0x0000000040aa8000]
   java.lang.Thread.State: TIMED_WAITING (on object monitor)
	- locked <0x00007ff377f6b0a8> (a org.jivesoftware.wildfire.net.SocketSendingTracker$1)

"Secure Socket Listener" daemon prio=10 tid=0x00007ff36417b800 nid=0x1b51 runnable [0x0000000041680000]
   java.lang.Thread.State: RUNNABLE
	at org.jivesoftware.wildfire.net.SSLSocketAcceptThread.run(SSLSocketAcceptThread.java:148)

"Secure Socket Listener" daemon prio=10 tid=0x00007ff3641a0800 nid=0x1b4d runnable [0x0000000041b66000]
   java.lang.Thread.State: RUNNABLE
	at org.jivesoftware.wildfire.net.SSLSocketAcceptThread.run(SSLSocketAcceptThread.java:148)

"pool-2-thread-1" prio=10 tid=0x00007ff363dfe800 nid=0x1b4c runnable [0x00000000400c7000]
   java.lang.Thread.State: RUNNABLE
	at java.lang.Thread.run(Thread.java:619)

"Auditor" prio=10 tid=0x00007ff36a274800 nid=0x1b4a in Object.wait() [0x0000000041948000]
   java.lang.Thread.State: TIMED_WAITING (on object monitor)
	at java.util.TimerThread.run(Timer.java:462)

"MUC cleanup" prio=10 tid=0x00007ff36a34e000 nid=0x1b49 in Object.wait() [0x0000000040a67000]
   java.lang.Thread.State: TIMED_WAITING (on object monitor)
	at java.util.TimerThread.run(Timer.java:462)
...

"Finalizer" daemon prio=10 tid=0x00007ff36a652000 nid=0x1b06 in Object.wait() [0x00000000417bc000]
   java.lang.Thread.State: WAITING (on object monitor)
	at java.lang.Object.wait(Native Method)
	- waiting on <0x00007ff37add41f0> (a java.lang.ref.ReferenceQueue$Lock)
	at java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:118)
	- locked <0x00007ff37add41f0> (a java.lang.ref.ReferenceQueue$Lock)
	at java.lang.ref.ReferenceQueue.remove(ReferenceQueue.java:134)
	at java.lang.ref.Finalizer$FinalizerThread.run(Finalizer.java:159)

"Reference Handler" daemon prio=10 tid=0x00007ff36a64a800 nid=0x1b02 in Object.wait() [0x0000000041ca4000]
   java.lang.Thread.State: WAITING (on object monitor)
	at java.lang.Object.wait(Native Method)
	- waiting on <0x00007ff37a6d0848> (a java.lang.ref.Reference$Lock)
	at java.lang.Object.wait(Object.java:485)
	at java.lang.ref.Reference$ReferenceHandler.run(Reference.java:116)
	- locked <0x00007ff37a6d0848> (a java.lang.ref.Reference$Lock)

"VM Thread" prio=10 tid=0x00007ff36a643800 nid=0x1b00 runnable 

"Gang worker#0 (Parallel GC Threads)" prio=10 tid=0x0000000040119000 nid=0x1af0 runnable 

"Gang worker#1 (Parallel GC Threads)" prio=10 tid=0x000000004011b000 nid=0x1af1 runnable 

"Gang worker#2 (Parallel GC Threads)" prio=10 tid=0x000000004011c800 nid=0x1af2 runnable 

"Concurrent Mark-Sweep GC Thread" prio=10 tid=0x00007ff36dfdd000 nid=0x1af4 runnable 
"VM Periodic Task Thread" prio=10 tid=0x00007ff364006800 nid=0x1b13 waiting on condition

Is this stack trace related to my system not being able to receive emails from time to time?

Thank you very much!

adrian15

[adrian15]

Quote:

Originally Posted by adrian15

Senders get this error:

Code:

554 554 <user@domain.com>: Relay access denied (state 14).

I think I have found the problem and a workaround solution but I am not very sure.

Here there is part of dig domain.com mx output:

Code:

;; ANSWER SECTION:
mydomain.com.            300     IN      MX      10 mx.ispbackupmx1.com.
mydomain.com.            300     IN      MX      10 mx.ispbackupmx2.com.
mydomain.com.            300     IN      MX      10 mx.mydomain.com.

As you can see all the mx servers have the same priority.

So my bet is (because I have tried to telnet mx.ispbackupmx1.com manually to send an email to mx.mydomain.com) that either :

1)mx.ispbackupmx1.com is blocking is not allowed to relay email to mx.mydomain.com

or
2) somewhat zimbra running on mx.mydomain.com blocks messages that come from mx.ispbackupmx1.com

I have tried to add ispbackupmx1IP/32 to the mtatrustnetwork value and I have not seen any change at all (/var/log/zimbra.log is not updated when I send an email from my gmail account).

So two questions:

1) Is it safe to add ispbackupmx1IP/32 to mtatrustnetwork field?
2) How am I supposed to allow relay (to my own domains, of course) from mx.ispbackupmx1.com?

I mean, because I have already put mx.ispbackupmx1.com mx.ispbackupmx2.com mx.mydomain.com in the
Internet mail MTA server name fields and I have not noticed any improvement.

Thank you very much for your patience and your attention.

adrian15

P.S.: In another post in this same thread I wrote something about:

Quote:

And this is what happens when I get a 554 in gmail

. Ignore it. The log was about an internal mail and not an external mail being refused or whatever. I mean, for what I wanted to track, the log was actually empty.

[phoenix]

You should not create multiple MX records with the same priority that also point to different servers (A records). You point your domain MX record to your IP address with the highest priority, if you have a backup MX record it should have a lower priority and point to a different server (A record).

Is your ISP really providing a Backup MX service or are they just receiving emails for your domain? Do NOT add the ISPs mail server to your Trusted Network, it's not necessary and may be a security risk.

[phoenix]

Quote:

Originally Posted by adrian15

So two questions:

1) Is it safe to add ispbackupmx1IP/32 to mtatrustnetwork field?

No, it isn't a good idea.

Quote:

Originally Posted by adrian15

2) How am I supposed to allow relay (to my own domains, of course) from mx.ispbackupmx1.com?

It doesn't 'relay' to your server, if it is a genuine Backup MX server then it will forward the mail to your server (via Port 25) when your server is back on-line. I think you need to explain in some more details what you're trying to achieve by using your ISPs mail server as a Backup MX, my guess is it's just a normal mail server and not a Backup MX - if that's the case you need to make some other choices about what you're doing with this.

[adrian15]

Quote:

Originally Posted by phoenix

No, it isn't a good idea.

Ok. I remove it.

Quote:

Originally Posted by phoenix

It doesn't 'relay' to your server, if it is a genuine Backup MX server then it will forward the mail to your server (via Port 25) when your server is back on-line.

I see.

Quote:

Originally Posted by phoenix

I think you need to explain in some more details what you're trying to achieve by using your ISPs mail server as a Backup MX, my guess is it's just a normal mail server and not a Backup MX - if that's the case you need to make some other choices about what you're doing with this.

It was not me who decided that our isp mx was going to be the backup mx, it has not been till today that I have seen that the supposed isp backup mx was the source of all of my receive problems.

Quote:

Originally Posted by phoenix

if you have a backup MX record it should have a lower priority and point to a different server (A record).

It's ok. I had already guessed that, our server should be priority 10 and then the supposedly backup servers should have priority 20 and priority 30.

Ok, so, let's wait for mx records to be changed and I will come back with good news I hope.

adrian15

[phoenix]

As I've already mentioned, the problem is likely to be the fact that your ISPs mail server is just a 'normal' mail server - that won't act as a Backup MX. Is it really a Backup MX or not and why are you using your ISPs mail server for this set-up?