
Thread: lmtp delivery ignores hosts file

  1. #1

    lmtp delivery ignores hosts file

    We are running a single server instance of Release 6.0.5_GA_2213.RHEL5_64_20100203001950 CentOS5_64 FOSS edition. It is NAT'd, and on top of that, we have an nginx proxy in front of it to help with migration from another server (it looks up the user and routes them to the old or the new server depending on if they've been migrated yet). We set up DNS for the server's name to point to the proxy for the migration, and have the hosts file on the Zimbra server set for that name to point to its internal network address.

    When Zimbra tried to deliver mail, however, it tried to connect to the proxy, not the internal address, i.e. it's using DNS instead of the hosts file, though nsswitch.conf has "files dns". I've manually reconfigured all the accounts to change zimbraMailTransport to use a name that points to the internal server address, but new accounts get the real name, and thus don't work until that tweak is made. I can reconfigure the proxy and firewalls so that port 7025 gets routed properly, but that's a lot of work that shouldn't be necessary... I'm also concerned that when we remove the proxy, it'll try to use the public address then, requiring the firewall to loopback the public address, which I'm not sure it does.

    Ideally, it would use the hosts file properly, but failing that, if there's a simple setting that I can set to give the mailtransport the internal name without disrupting other things, that would make things work smoothly at least...

  2. #2

    Many firewalls which do NAT create a series of NAT rules which rewrite traffic to go through the public IP, thereby ensuring inter-zone traffic is examined by the firewall.

    SonicWalls do this when you run the Public Server Wizard for example.

    Since your diagram shows a firewall between the proxy and the Zimbra server, any chance that something like this is happening? If so, simply adding another rule set to the firewall to allow translated, NAT'd traffic just between those two servers should be fairly straightforward -- depending on which firewall you are using of course!

    Hope that helps,
    Mark

  3. #3

    No, this is strictly internal to Zimbra - the MTA is trying to deliver the mail to the mail store using LMTP. The mail store doesn't *have* to be on the same box (and in fact our main Zimbra instance is just such a cluster).
