Zimbra proper IP config with external DNS server

azrim
Posts: 2
Joined: Wed Jan 23, 2019 2:17 am

Post by azrim »

Hi,

I'm really new to Zimbra and have very limited knowledge of MX and DNS resolution for mail routing. Recently I installed ZCS 8.8.11 on a CentOS 7 host named mail.abc.com. My domain is abc.com. I already have an existing external DNS server, managed by myself, named mutiara.abc.com.
Both the Zimbra host mail.abc.com and the external DNS host mutiara.abc.com reside in the DMZ zone, each with a static public IP. I have installed and configured Zimbra very well and it's working fine, sending/receiving email locally and externally without problem.

Below is my config on zimbra host mail.abc.com:

1) /etc/sysconfig/network-scripts/ifcfg-eth0
IPADDR="172.16.6.5" (internal IP address)
PREFIX="255.255.255.224"
GATEWAY="172.16.6.1"
DNS1="172.16.6.5"

2) /etc/hosts
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
172.16.6.5 mail.abc.com mail

3) /etc/resolve.conf
search abc.com
nameserver 172.16.6.5


Below is my config on external DNS server (mutiara.abc.com):

A record = mutiara.abc.com (1.10.136.10) --> public ip address
NS record = mutiara.abc.com
SOA record = mutiara.abc.com
A record = mail.abc.com (1.10.136.20) ---> public ip address
MX Record = mail.abc.com (preference no 10)


Below is my result for :
dig -t A mail.perda.gov.my

; <<>> DiG 9.9.4-RedHat-9.9.4-72.el7 <<>> -t A mail.perda.gov.my
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 7190
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;mail.abc.com. IN A

;; ANSWER SECTION:
mail.abc.com. 3377 IN A 172.16.6.5

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Feb 01 11:37:00 +08 2019
;; MSG SIZE rcvd: 62

Below is my result for :
dig -t MX abc.com

; <<>> DiG 9.9.4-RedHat-9.9.4-72.el7 <<>> -t MX perda.gov.my
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20676
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;abc.com. IN MX

;; AUTHORITY SECTION:
abc.com. 1238 IN SOA hqfs01.abc.com. hostmaster.abc.com. 27740 900 600 86400 3600

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Feb 01 11:38:10 +08 2019
;; MSG SIZE rcvd: 104


My question: what is the correct setting for my config on both the Zimbra host and the external DNS in order to allow external and internal mail to be sent/received properly through the web client and mobile phone? Do my dig commands return the correct or wrong results? If not, what is the answer for dig supposed to be?

Thank you to those who take an interest in my problem. On the internet there is a wide range of solutions for Zimbra send/receive email problems, but none of them is really solid for my situation. Sorry for my bad English.
onur
Posts: 9
Joined: Sun Feb 10, 2019 10:51 am

Post by onur »

I got almost the same problem with Zimbra on CentOS 7. I can send email but not receive, due to a mix-up between the MX local IP and the public IP.

My MX was the real IP address; even though I set the MX server as local, I failed.

So here is what I did,

I installed Zimbra CE with all features enabled (including its own DNS), no BIND.

After that I configured my pfSense firewall's DNS resolver to include Host Overrides so that mail.yourdomain.com has the local Zimbra IP. So Zimbra always thinks it is using the local MX, but for the outside it is always the public IP.

OnuR
phoenix
Ambassador
Posts: 27272
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

Post by phoenix »

The answer to this problem is a Split DNS; it has been described in a Zimbra wiki article and many times in these forums, plus it's a fairly standard implementation if you're behind a NAT router, and there are plenty of internet articles on the subject.
Regards

Bill

Rspamd: A high performance spamassassin replacement

Per ardua ad astra
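
Added example, not part of any post above and not Zimbra's own code: a Python check of the internal DNS view in the split DNS setup the last reply points to, run over constructed dig output shaped like the two results in the first post. It assumes the internal view should answer the domain's MX with the mail host and the host's A with its private address; `answers` and `check_internal_view` are hypothetical helper names.

```python
import ipaddress
import re

# Constructed sample: dig replies shaped like those in the first post
# (host names and 172.16.6.5 are taken from the thread).
DIG_A = """\
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; QUESTION SECTION:
;mail.abc.com. IN A
;; ANSWER SECTION:
mail.abc.com. 3377 IN A 172.16.6.5
"""
DIG_MX = """\
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; QUESTION SECTION:
;abc.com. IN MX
;; AUTHORITY SECTION:
abc.com. 1238 IN SOA hqfs01.abc.com. hostmaster.abc.com. 27740 900 600 86400 3600
"""

RR = re.compile(r"^(\S+)\s+\d+\s+IN\s+(\S+)\s+(.+)$")

def answers(dig_text, rtype):
    """Return rdata strings of `rtype` records from the ANSWER section only."""
    out, in_answer = [], False
    for line in dig_text.splitlines():
        if line.startswith(";;"):  # section headers and dig metadata
            in_answer = "ANSWER SECTION" in line
            continue
        m = RR.match(line.strip())
        if in_answer and m and m.group(2) == rtype:
            out.append(m.group(3).strip())
    return out

def check_internal_view(dig_mx, dig_a, mail_host):
    """List problems with the internal view (assumption: MX -> mail host, A -> private IP)."""
    problems = []
    mx_targets = [r.split()[1].rstrip(".") for r in answers(dig_mx, "MX")]
    if mail_host not in mx_targets:
        problems.append("no MX record pointing at " + mail_host)
    addrs = answers(dig_a, "A")
    if not addrs:
        problems.append("no A record for " + mail_host)
    elif not all(ipaddress.ip_address(a).is_private for a in addrs):
        problems.append("A record is not the server's private address")
    return problems

if __name__ == "__main__":
    print(check_internal_view(DIG_MX, DIG_A, "mail.abc.com"))
```

To check a live host, pass the saved output of the same two dig commands from the first post, run on the Zimbra server itself.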