Zimbra help..multi-domain each with own external relay

dbeato

Okay, so I reviewed finally that Zimbra server. What I found out is that we have three domains in there, one is sending through the WAN IP of the Server as NAT through the firewall while the other two domains are sending through a relay server as below:

dbeato

Also are you SMTP Servers also on the MTA Trusted networks?

vhinzsanchez

@dbeato said in Zimbra help..multi-domain each with own external relay:

P of the Server as NAT through the firewall while the other two domains are sending through a relay server as belo

Thanks @dbeato, great! Same as what I'm trying to achieve!

I have below as my settings

bysender:
@domain1.com [ smtp.domain1.com]:587
@domain2.com [ smtp.domain2.com]:587

relay_password:
[smtp.domain1.com]:587 [email protected]:Password1
[smtp.domain2.com]:587 [email protected]:Password2

@dbeato said in Zimbra help..multi-domain each with own external relay:

Also are you SMTP Servers also on the MTA Trusted networks?

No. Does it need to be?

Below are mynetworks (edited the line '# name postoffice.domain1.com as it formats large):
zimbra@postoffice:~$ postconf mynetworks
mynetworks = 127.0.0.0/8 [::1]/128 192.168.0.0/24
zimbra@postoffice:~$ zmprov gs postoffice.domain1.com zimbraMtaMyNetworks
'# name postoffice.domain1.com
zimbraMtaMyNetworks: 127.0.0.0/8 [::1]/128 192.168.0.0/24

Honestly, I do not understand the MTA Trusted networks. Our present servers (physical and one domain on one server..this is not the one I opened in this thread) only have the loopback (127.0.0.1/8) and its network (192.168.0.0/24) but our other VLANs, other offices (via IPSEC) and outside access (NATted) works.

What I was thinking is that the since our users are accessing the (zimbra) webmail, it is using the server's own IP address. However, this is also true if I set up POP/IMAP through a client, it connects and sends via the server's IP. Pls. correct me if I'm understanding it wrong.

dbeato

@vhinzsanchez said in Zimbra help..multi-domain each with own external relay:

What I was thinking is that the since our users are accessing the (zimbra) webmail, it is using the server's own IP address. However, this is also true if I set up POP/IMAP through a client, it connects and sends via the server's IP. Pls. correct me if I'm understanding it wrong.

Your understanding is correct.

vhinzsanchez

@dbeato thanks!

Do I also need to include both SMTP servers in MTA Trusted Networks? How do I input them in CIDR format?

119.93.x.x /32?
119.93.x.y /32?

Thanks!

dbeato

@vhinzsanchez said in Zimbra help..multi-domain each with own external relay:

@dbeato thanks!

Do I also need to include both SMTP servers in MTA Trusted Networks? How do I input them in CIDR format?

119.93.x.x /32?
119.93.x.y /32?

Thanks!

Yes /32 is one IP address.

dbeato

@vhinzsanchez said in Zimbra help..multi-domain each with own external relay:

@dbeato thanks!

Do I also need to include both SMTP servers in MTA Trusted Networks? How do I input them in CIDR format?

119.93.x.x /32?
119.93.x.y /32?

Thanks!

Please include them there for sure.

vhinzsanchez

@dbeato

Yup...tried to enter the IPs in MTA Trusted Networks but still the same even after issuing "zmcontrol restart" and even restarting the whole VM. It seems as though that the email is being sent directly to the recipient's server (Google's in this case):

Feb 13 16:36:59 postoffice systemd-logind[936]: Removed session 92.
Feb 13 16:37:10 postoffice postfix/smtp[38133]: connect to alt1.gmail-smtp-in.l.google.com[74.125.198.27]:25: Connection timed out
Feb 13 16:37:10 postoffice postfix/smtp[38134]: connect to alt1.gmail-smtp-in.l.google.com[74.125.198.27]:25: Connection timed out
Feb 13 16:37:40 postoffice postfix/smtp[38134]: connect to alt2.gmail-smtp-in.l.google.com[74.125.124.26]:25: Connection timed out
Feb 13 16:37:40 postoffice postfix/smtp[38133]: connect to alt2.gmail-smtp-in.l.google.com[74.125.124.26]:25: Connection timed out
Feb 13 16:37:46 postoffice zmconfigd[1371]: Fetching All configs
Feb 13 16:37:46 postoffice zmconfigd[1371]: All configs fetched in 0.09 seconds
Feb 13 16:37:51 postoffice zmconfigd[1371]: Watchdog: service antivirus status is OK.
Feb 13 16:37:51 postoffice zmconfigd[1371]: All rewrite threads completed in 0.00 sec
Feb 13 16:37:51 postoffice zmconfigd[1371]: All restarts completed in 0.00 sec
Feb 13 16:38:10 postoffice postfix/smtp[38133]: connect to alt3.gmail-smtp-in.l.google.com[74.125.136.26]:25: Connection timed out
Feb 13 16:38:10 postoffice postfix/smtp[38134]: connect to alt3.gmail-smtp-in.l.google.com[74.125.136.26]:25: Connection timed out
Feb 13 16:38:40 postoffice postfix/smtp[38134]: connect to alt4.gmail-smtp-in.l.google.com[173.194.208.26]:25: Connection timed out
Feb 13 16:38:40 postoffice postfix/smtp[38133]: connect to alt4.gmail-smtp-in.l.google.com[173.194.208.26]:25: Connection timed out
Feb 13 16:38:40 postoffice postfix/smtp[38133]: B00E09B4207B: to=[email protected], relay=none, delay=3353, delays=3231/0.75/121/0, dsn=4.4.1, status=deferred (connect to alt4.gmail-smtp-in.l.google.com[173.194.208.26]:25: Connection timed out)
Feb 13 16:38:40 postoffice postfix/smtp[38134]: 065129B42075: to=[email protected], relay=none, delay=3351, delays=3230/0.59/121/0, dsn=4.4.1, status=deferred (connect to alt4.gmail-smtp-in.l.google.com[173.194.208.26]:25: Connection timed out)

dbeato

@vhinzsanchez said in Zimbra help..multi-domain each with own external relay:

@dbeato

Yup...tried to enter the IPs in MTA Trusted Networks but still the same even after issuing "zmcontrol restart" and even restarting the whole VM. It seems as though that the email is being sent directly to the recipient's server (Google's in this case):

Feb 13 16:36:59 postoffice systemd-logind[936]: Removed session 92.
Feb 13 16:37:10 postoffice postfix/smtp[38133]: connect to alt1.gmail-smtp-in.l.google.com[74.125.198.27]:25: Connection timed out
Feb 13 16:37:10 postoffice postfix/smtp[38134]: connect to alt1.gmail-smtp-in.l.google.com[74.125.198.27]:25: Connection timed out
Feb 13 16:37:40 postoffice postfix/smtp[38134]: connect to alt2.gmail-smtp-in.l.google.com[74.125.124.26]:25: Connection timed out
Feb 13 16:37:40 postoffice postfix/smtp[38133]: connect to alt2.gmail-smtp-in.l.google.com[74.125.124.26]:25: Connection timed out
Feb 13 16:37:46 postoffice zmconfigd[1371]: Fetching All configs
Feb 13 16:37:46 postoffice zmconfigd[1371]: All configs fetched in 0.09 seconds
Feb 13 16:37:51 postoffice zmconfigd[1371]: Watchdog: service antivirus status is OK.
Feb 13 16:37:51 postoffice zmconfigd[1371]: All rewrite threads completed in 0.00 sec
Feb 13 16:37:51 postoffice zmconfigd[1371]: All restarts completed in 0.00 sec
Feb 13 16:38:10 postoffice postfix/smtp[38133]: connect to alt3.gmail-smtp-in.l.google.com[74.125.136.26]:25: Connection timed out
Feb 13 16:38:10 postoffice postfix/smtp[38134]: connect to alt3.gmail-smtp-in.l.google.com[74.125.136.26]:25: Connection timed out
Feb 13 16:38:40 postoffice postfix/smtp[38134]: connect to alt4.gmail-smtp-in.l.google.com[173.194.208.26]:25: Connection timed out
Feb 13 16:38:40 postoffice postfix/smtp[38133]: connect to alt4.gmail-smtp-in.l.google.com[173.194.208.26]:25: Connection timed out
Feb 13 16:38:40 postoffice postfix/smtp[38133]: B00E09B4207B: to=[email protected], relay=none, delay=3353, delays=3231/0.75/121/0, dsn=4.4.1, status=deferred (connect to alt4.gmail-smtp-in.l.google.com[173.194.208.26]:25: Connection timed out)
Feb 13 16:38:40 postoffice postfix/smtp[38134]: 065129B42075: to=[email protected], relay=none, delay=3351, delays=3230/0.59/121/0, dsn=4.4.1, status=deferred (connect to alt4.gmail-smtp-in.l.google.com[173.194.208.26]:25: Connection timed out)

Can you setup a relay as below?
https://support.google.com/a/answer/2956491?hl=en

vhinzsanchez

Thanks @dbeato, by goal is to use our own SMTP (external email server) as smarthost. We are using the 2 now, in a separate physical Zimbra installation, without issues. I was only trying to replicate that settings into a single (VM) zimbra install.

Thanks again for sticking with me to help me out with my dilemma.

dbeato

@vhinzsanchez said in Zimbra help..multi-domain each with own external relay:

Thanks @dbeato, by goal is to use our own SMTP (external email server) as smarthost. We are using the 2 now, in a separate physical Zimbra installation, without issues. I was only trying to replicate that settings into a single (VM) zimbra install.

Thanks again for sticking with me to help me out with my dilemma.

Strange, I mean your error seem to be trying to connect to Gmail that the ports are timing out.

vhinzsanchez

@dbeato said in Zimbra help..multi-domain each with own external relay:

Strange, I mean your error seem to be trying to connect to Gmail that the ports are timing out.

That's where I'm also confused about. It seems that it is directly trying to connect to Gmail to send the messages. The recipient is my personal gmail account. Creating bysender and relay_password files and configuring Zimbra to recognize those (by the searches I had done), it should have routed the mails to the external (SMTP) server.

Inputting the smtp.domain1.com to "Relay MTA for external delivery" routes all outgoing emails to it, including the ones from domain2.com which should route to smtp.domain2.com.

vhinzsanchez

Hi,

Guys, I'll be out and will be back on Monday. Tomorrow is a holiday here in Philippines, work resumes on Monday. Hope you can help me out :smiling_face_with_open_mouth:

Thanks!

scottalanmiller

@vhinzsanchez enjoy your holiday.

vhinzsanchez

@scottalanmiller Thanks! I did enjoy it with family and friends!

bbigford

@vhinzsanchez said in Zimbra help..multi-domain each with own external relay:

@dbeato
Wow! You are one of the gems which has set it up correctly.

How? How? How?

vhinzsanchez

@BBigford yeah, that's it. And no fault of any other. I just can't figure this thing out...luckily, its just a test server (planning for an upgrade...thus the test).

dbeato

@bbigford said in Zimbra help..multi-domain each with own external relay:

@vhinzsanchez said in Zimbra help..multi-domain each with own external relay:

@dbeato
Wow! You are one of the gems which has set it up correctly.

How? How? How?

Lol

dbeato

@vhinzsanchez said in Zimbra help..multi-domain each with own external relay:

@BBigford yeah, that's it. And no fault of any other. I just can't figure this thing out...luckily, its just a test server (planning for an upgrade...thus the test).

I explained how I have it but I will set it up from the ground up.

vhinzsanchez

@dbeato, thanks...I'm relieved that someone still has working with me on this.