Multiserver installation - mail transfer problems

    Sep 2008

    Hi, based on marvelous comments and forum content I managed to install a new Zimbra multi-server installation based on Zimbra 5.0.9 OS edition, including DRBD and heartbeat, on Ubuntu Servers 8.04.

    The problem I am now seeing is that:

    1. Mails do not get transferred from the MTA to the mailbox server (conversation with <mailbox.server[ip]> timed out while sending message body). The messages are getting deferred status.
    2. In some logs from the MTA servers I get postfix/qmgr saying mta transport unavailable. Additionally I found logs saying: warning: connect to transport retry: No such file or directory (but the installation went OK, so I assume that such files or directories should be created by default).

    Could I get any help or pointers to problem cause or solution?

    The server setup is as follows (all servers based Ubuntu server + Zimbra 5.0.9):
    1. Two external MX servers (external public IPs behind FW)
    2. Two Reverse Proxy servers on Apache (not Zimbra) - at this point working correctly as they are not involved in mail delivery - web interfaces are working correctly.
    3. One LDAP master server (based on 2 physical servers with DRBD + HA)
    4. One Mailbox server (as well as cluster on DRBD + HA).

    ... I have installed zimbra IMAP/POP proxy, but that configuration will be managed later...

    The IP and DNS settings of all these servers are as follows:
    1. in public IP address zone1 there is zimbra MTA / AV / AS servers and proxy servers (ex.
    2. LDAP is in private IP range behind additional FW (zone2-A) based on routing, not NAT rules (ex.
    3. Mailbox server is in another private address range (zone2-B) similar to LDAP, only in other subnet (ex. Again - no NAT

    All communications between servers are OK: ping, telnet to ports, etc. are working between each other and resolving to correct IPs.

    I have implemented split DNS structure with 2 DNS servers - 1 for external resolvers for domains hosted in my environment, which lists domains and hosts only available from external net. 2 - internal DNS which resolves internal as well as external needed hosts of my environment. The second server is doing recursive lookups for local servers to outside ISP servers.

    The most interesting thing is that some mails DO get delivered in or out, but there is still a deferred queue growing and growing.

    Also I noticed that the zmprov command is not running correctly on all servers. Some of them do run commands OK, but others need the -l switch to do the work.

    Can anybody help to sort things out from the given info?

    Sep 2008
    Problem still up!!!

    As far as I was trying to find out the possible problem cause, I figured out by scanning the network that after mail is received by the MTA it is set to LMTP to transfer to the mailbox server. On the network, there are ongoing connections to the LDAP server, but no connections to the mailbox server IP. I did that using Wireshark.

    Are there any specific configuration settings to tell the MTA where to connect using LMTP? In the MTA logs there are records saying that a connection to mailbox.server[IP]:7025 was tried, but timed out. Wireshark showed that there was not even a first connection to it.

    Any ideas so far? Still need help. Can anybody share their thoughts or experience in tracking such a situation? Incoming and outgoing mails are still growing in the deferred queue, but if we can believe the stats monitors, then about 40% of mails get caught in the deferred queue. Unfortunately I cannot find any similarities in the mail messages to get an idea of other causes.

    Thank you in advance!!!

