Below are a common mail server problems that might be hit you if you wish to move and use your mail server as production server without full & complete check :
- Relay access denied because you have a dynamic public IP Address
- Email from your mail server delivered to spam box on Gmail or Yahoo mail
- Some of your outbound mail being deferred while trying to send to certain domain/recipient
The problem occurred for many reason. It can be a dynamic IP that blacklisted as an open relay mail server; Your IP got trapped and blacklisted on some RBLhost; The destination mail server could not look up your defined host and/or ip address; a missing PTR records or Reverse DNS Zone on your DNS Server and much more.
These are some tips & tricks to solved the problem. If you have no public-static IP address for your mail server, or your mail server behind a NAT service, or you may have no authority to modify the DNS zone, ISP relay may the answer for your problem.
ISP relay means that our mail server will not deliver the outbound mails to the destination mail server. Our mail server will deliver all outbound mails into ISP server (ISP domain & hosting, where our domain resides) and then the ISP server send the message to final destination. It’s means that our mail server will only act as a gateway to the ISP relay.To prevent an open relay hijack from spammer, ISP server usually need an authentication before allows the email delivery.
ISP relays solved the above problem. Any DNS lookup, blacklisted IP or Reverse DNS zone will be asked to ISP mail server. With the reputation of ISP, their mail server should be passed any security check.
Below are a step by step how to configure your Zimbra Mail Server to get an ISP relay authentication. I’m using vavai.co.id as a sample domain with a user name rivai%vavai.co.id and password : passwordku. Public domain & hosting for vavai.co.id stored on hosting server (ISP server). I’ve also setting up Zimbra with default domain vavai.co.id on local server.
Let’s configure Zimbra to use ISP relay with authentication to send outbound mail message.
- Get a canonical name for public domain
- Open Zimbra Admin Console (https://hostaddress:7071/zimbraAdmin/)
- Go to Global Setting | MTA
- Write the public canonical name on “Relay MTA for external delivery:” option.
- Open Konsole/Terminal, Log in as Zimbra Admin
- Create postfix look up table
- Test the mapping
- The response should similar as below : username%domain.tld:password
- Configure Zimbra Postfix to use the ISP/SMTP Relay with authentication
- Test your Zimbra mail server
[code language=”cpp”]# nslookup mail.vavai.co.id
Non-authoritative answer:
mail.vavai.co.id canonical name = vavai.co.id.
Name: vavai.co.id
Address: 75.126.137.80[/code]
[code language=”cpp”]# su – zimbra[/code]
[code language=”cpp”]# echo mail.vavai.co.id rivai@vavai.co.id:passwordku > /opt/zimbra/conf/relay_password
# postmap /opt/zimbra/conf/relay_password[/code]
[code language=”cpp”]# postmap -q mail.vavai.co.id /opt/zimbra/conf/relay_password[/code]
[code language=”cpp”]# postconf -e smtp_sasl_password_maps=hash:/opt/zimbra/conf/relay_password
# postconf -e smtp_sasl_auth_enable=yes
# postfix reload[/code]
Note :
If you found an error or deferred queue as below :
(Authentication failed: cannot SASL authenticate to server …: no mechanism available)
It seems that smtp-sasl_security option do not allows the plain text on ISP relay setting. Checked it with the following command :
[code language=”cpp”]# postconf smtp_sasl_security_options[/code]
If you get the error message :smtp_sasl_security_options = noplaintext, noanonymous
Change the sasl security setting to allow the plaintext password usage :
[code language=”cpp”]# postconf -e smtp_sasl_security_options=noanonymous
# postfix reload[/code]
Restart the Zimbra service and test the email server.
If you would not prefer with the plain text password on configuration setting, consider to use SMTP use TLS.
Maybe you’ll tell me where the source of your post is from? I am inquisitive about learning a lot of about it.
Maybe you’ll tell me where the source of your post is from? I am inquisitive about learning a lot of about it.
Being a blog writer myself, I really appreciate the time you took in wriitng this article. I am currently reading it on my Blackberry and will scan it once I get home.
Being a blog writer myself, I really appreciate the time you took in wriitng this article. I am currently reading it on my Blackberry and will scan it once I get home.
Hey, habe deine Seite gerade bei Yahoo entdeckt. Hast echt ein klasse Blog, werde bestimmt noch das ein oder andere mal hier vorbeischauen! Deine Posts sind auch echt spitze! Lieben Gruss
Hey, habe deine Seite gerade bei Yahoo entdeckt. Hast echt ein klasse Blog, werde bestimmt noch das ein oder andere mal hier vorbeischauen! Deine Posts sind auch echt spitze! Lieben Gruss
This is exactly what I was searching for on bing, I guess I got my answer! lol
I’m installing zimbra on ubuntu 8.04. I have to configure an outgoing STMP server with authentication. So i tried your doc but it can’t find postmap. Is it not a part of the zimbra install? Do i have to install it my self?
I’m installing zimbra on ubuntu 8.04. I have to configure an outgoing STMP server with authentication. So i tried your doc but it can’t find postmap. Is it not a part of the zimbra install? Do i have to install it my self?
@AnAmagian,
postmap is part of postfix, Zimbra has included it’s command by default. Don’t forget to run the command with Zimbra user permission (su – zimbra)
Couldn?t be written any better. Reading this send reminds me of my old accommodation mate! He in any case kept talking wide this. I will-power to the surface this article to him. Fetching sure he determination press a documentation read. Thanks for sharing!