Zimbra MTA outbound and inbound? (SOLVED)

[killmasta93]

Hi,
Recently moving from pure postfix email server to zimbra, really want to have the web part of emails and calendars. Before I had postfix on ubuntu and proxmox PMG filter as my relay, I was looking though the zimbra config and found the master.cf.in to change the SMTP port to 27 so it can receive inbound email from proxmox PMG (if it has port 25 the same as PMG it will say a loop because the PMG filter hostname is mail.domain.com same as zimbra so that why i need to change the port)
as changing the port and reboot i can telnet the port which is good, but there are a few issues

1) when inbound email comes though proxmox PMG filter and tries to send it to zimbra it says this error,

Code: Select all

Anonymous TLS connection established from mail.clientdomain.com[190.145.xx.xx: TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)
Nov 11 13:02:46 mail postfix/smtpd[15675]: NOQUEUE: reject: RCPT from mail.clientdomain.com[190.145.xxxxx]: 454 4.7.1 <sistemas@mydomain.com>: Relay access denied; from=<sistemas@clientdomain.com> to=<sistemas@mydomain.com> proto=ESMTP helo=<mail.clientdomain.local>

2) and i tried also on the MTA to relay emails outbound to the PMG filter but i get the same issue Relay access denied,

i know its not a PMG issue because i have another email server on postfix and it work, i think im missing something on zimbra,

I just want to make sure im looking at the right part the logs of postfix is in /var/log/mail.log?


Thank you

[killmasta93]

EDIT: so i was able to figure out the outbound email relay by running as zimbra user and running this command

zmprov ms mail.mydomain.co zimbraMtaRelayHost 192.168.3.141:26

now all i need is the inbound to work

[L. Mark Stone]

Please post your change to master.cf.in

[killmasta93]

Thanks for the reply, the only change i did was this part

#
# Postfix master process configuration file. For details on the format
# of the file, see the Postfix master(5) manual page.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
27 inet n - n - 1 postscreen

Thank you

[L. Mark Stone]

I believe you need to add the port-changing line directly under the existing line labeled "smtp inet n......" and further that the line should read:

Code: Select all

27     inet     n     -     n     -     -     smtpd

Don't forget about any firewalls you may have as well...

Please try and let us know?

Hope that helps,
Mark

[killmasta93]

Thanks for the reply so i realized i made the mistake and put back the port 25 and the SMTPD changed it to 27 as you posted but after restarting the service on the PMG filter i still get this issue, as this is my master

# Postfix master process configuration file. For details on the format
# of the file, see the Postfix master(5) manual page.
#
# ==========================================================================
# service type private unpriv chroot wakeup maxproc command + args
# (yes) (yes) (yes) (never) (100)
# ==========================================================================
25 inet n - n - 1 postscreen
tlsproxy unix - - n - 0 tlsproxy
dnsblog unix - - n - 0 dnsblog
27 pass - - n - - smtpd

as for the firewall rules I have NATed the port 25 which points to my PMG filter which accepts the email then transports the email on port 27 to the zimbra email server but i think the zimbra email server is rejected it because I also have another postfix email server on port 28 working fine so i know its no the PMG filter

Thank you

[killmasta93]

So after a while looking it seems that zimbra does not want to accept emails that are getting relayed, i was looking at the MTA section inbound SMTP hostname but not sure where on zimbra to accept mail from external relays?

Thank you

[killmasta93]

edit: so for some reason this is awful odd after trial and error i finally got an email go though but gmail or hotmail cannot come in though the PMG relay,
This is the log on zimbra that accepted the mail

my PMG server is 192.168.3.141 which has the same hostname mail.mydomain.com as my zimbra not sure if there's conflict?

Code: Select all

Nov 24 13:23:19 mail postfix/smtpd[25817]: connect from unknown[192.168.3.141]
Nov 24 13:23:19 mail postfix/smtpd[25817]: Anonymous TLS connection established from unknown[192.168.3.141]: TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)
Nov 24 13:23:19 mail postfix/smtpd[25817]: 2BCB69420BA: client=unknown[192.168.3.141]
Nov 24 13:23:19 mail postfix/cleanup[25821]: 2BCB69420BA: message-id=<ae5b7025-8f31-42b8-a7f2-5499f003635b@petxxx.com.co>
Nov 24 13:23:19 mail postfix/qmgr[25557]: 2BCB69420BA: from=<sistemas@petxxx.com.co>, size=3447, nrcpt=1 (queue active)
Nov 24 13:23:19 mail postfix/smtpd[25817]: disconnect from unknown[192.168.3.141] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quit=1 commands=7
Nov 24 13:23:19 mail postfix/lmtp[25822]: 2BCB69420BA: to=<sistemas@mydomain.co>, relay=mail.mydomain.co[192.168.3.100]:7025, delay=0.29, delays=0.05/0.01/0.09/0.15, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
Nov 24 13:23:19 mail postfix/qmgr[25557]: 2BCB69420BA: removed

[phoenix]

my PMG server is 192.168.3.141 which has the same hostname mail.mydomain.com as my zimbra not sure if there's conflict?

...erm, yes there's a conflict. The FQDN (if that's what you mean) of your mail server should be unique, as you resolve the server address via DNS how would it know which is the correct server for the mail?

[killmasta93]

Thanks for the reply,
as i changed the hostname on my PMG filter to ares.anotherdomain.local and no luck either so odd. is there something im missing on zimbra? as it seems not accepting email from my PMG filter maybe something on my main.cf?
I have another postfix server behind the same PMG and works with no issue.