Thread: Weird NAT issue

  1. #1
    Weird NAT issue

    I was wondering if anyone could shed some light on this issue and probably point out something really obvious that I am missing completely.

    I have just set up a Zimbra server for someone, based on a NAT setup. The router/firewall forwards all requests on port 25 to 192.168.0.170 where the Zimbra server sits with its own DNS server for DNS resolution. Incoming email works fine with incoming email accepted and delivered to the users' inboxes. Unfortunately however the server cannot seem to deliver outgoing email at all. It looks up the MX records just fine but when it tries to connect to them it says the following in the deferred mail queue (the below example is for trying to send an email to aol.com)...

    connect to aol.com[205.188.142.182]: connection timed out

    There are no firewalls or anything that would block it from connecting and the router allows all outgoing connections from LAN IPs with no filtering whatsoever. Another mail server sitting on a different machine can relay email out no problem.

    Is it possible this could be a problem with Zimbra somewhere that I am missing or is there something in my NAT setup I need to go back and look at? Any help would be fantastic. Many thanks.

  2. #2
    dijichi2 is offline OpenSource Builder & Moderator

    Sure you've got a gateway set?

    netstat -nr
    check for 0.0.0.0 entry

    From the server:
    telnet 205.188.142.182 25
    and try telnetting to some other foreign mailserver port 25 as well, to see if you get response

  3. #3

    Yes it has a gateway set and I can even telnet from the server machine to other SMTP servers so it can't be a network or routing issue.

    I'm absolutely befuddled as there doesn't seem to be any issue in the logs causing it. Can anyone shed any light on this before people start to gnash their teeth at me? Many thanks.

  4. #4
    phoenix is offline Zimbra Consultant & Moderator

    You know that AOL have restrictions on which mail servers they allow to talk to them, don't you? If you're sending from a 'domestic' type ISP or a dynamic IP you'll probably never be able to send mail to AOL users.

    Try some other destinations and see if they work.
    Regards


    Bill

  5. #5

    Nope, it is quite definitely not a domestic IP address and I can relay email from another machine behind the NAT/IP.

    The postfix server is never even making the connection, it's just timing out as if the server wasn't there.

  6. #6
    phoenix is offline Zimbra Consultant & Moderator

    Well, the same thing happens if I telnet to that IP - it never connects. What do you get if you 'telnet mailin-03.mx.aol.com 25'?
    Regards


    Bill

  7. #7

    Originally posted by phoenix:
        Well, the same thing happens if I telnet to that IP - it never connects. What do you get if you 'telnet mailin-03.mx.aol.com 25'?

    I get...

    220-rly-mf09.mail.aol.com ESMTP mail_relay_in-mf09.2; Tue, 10 Apr 2007 10:27:57 -0400
    220-America Online (AOL) and its affiliated companies do not
    220- authorize the use of its proprietary computers and computer
    220- networks to accept, transmit, or distribute unsolicited bulk
    220- e-mail sent from the internet. Effective immediately: AOL
    220- may no longer accept connections from IP addresses which
    220 have no reverse-DNS (PTR record) assigned.


    From same IP address, just a different machine on the NAT which is why you can see it's confusing me.

  8. #8
    Join Date
    Mar 2007
    Posts
    42
    Rep Power
    8

    Default

    This has been resolved. A very strange problem that could potentially be a bug except I can't replicate it so at the moment I am a bit disinclined to file a bug report.

    Essentially, Postfix was not performing DNS lookups for the MX info so all outgoing mail was sticking. This despite the fact that the option to do DNS lookups was ticked in the admin console, in both the global settings MTA tab and the server settings MTA tab.

    I unticked them to see if this made a difference, it didn't. Reticked them and still nothing. Then just being thorough I rebooted, unticked and reticked and boom. Everything starts working. There was nothing in the log files to suggest anything had ever been wrong.
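
Added example, not part of the original thread and not Zimbra or Postfix code: the deferred reason in post #1 names aol.com itself rather than an MX host such as mailin-03.mx.aol.com, which is consistent with the MX lookup being skipped as post #8 describes. The sketch below classifies deferred-queue reasons on that basis; the recipient addresses, the example.org/example.net entries and the MX table are constructed, and in real use the table would be filled from `dig +short MX <domain>`.

```python
import re

# Constructed sample input: (recipient, deferred reason). Only the aol.com
# reason text is taken from the thread; the recipients are placeholders.
DEFERRED = [
    ("user@aol.com", "connect to aol.com[205.188.142.182]: connection timed out"),
    ("user@example.org", "connect to mx1.example.org[192.0.2.25]: Connection refused"),
    ("user@example.net", "connect to example.net[198.51.100.7]: connection timed out"),
]

# Constructed MX table (assumption: populated from a trusted resolver).
MX = {
    "aol.com": ["mailin-03.mx.aol.com"],   # host name quoted in the thread
    "example.org": ["mx1.example.org."],
    "example.net": [],                      # domain that publishes no MX
}

CONNECT_RE = re.compile(r"connect to (?P<host>[^\[\s]+)\[(?P<ip>[^\]]+)\]: (?P<why>.+)")


def classify(recipient, reason, mx_table):
    """Say whether the MTA dialled an MX host or the bare recipient domain."""
    m = CONNECT_RE.search(reason)
    if not m:
        return "unparsed"
    domain = recipient.rsplit("@", 1)[1].lower()
    host = m.group("host").lower().rstrip(".")
    mx_hosts = {h.lower().rstrip(".") for h in mx_table.get(domain, [])}
    if host in mx_hosts:
        return "mx-used"
    if host == domain:
        # With MX records published, dialling the bare domain means the MX
        # lookup was skipped; without any, the A record is the normal fallback.
        return "mx-bypassed" if mx_hosts else "a-fallback"
    return "unknown-target"


def audit(entries, mx_table):
    """Classify every deferred entry; returns (recipient, verdict) pairs."""
    return [(rcpt, classify(rcpt, reason, mx_table)) for rcpt, reason in entries]


if __name__ == "__main__":
    for rcpt, verdict in audit(DEFERRED, MX):
        print(f"{rcpt}: {verdict}")
```
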
