We've been running ZCS NE on a single server for a few months, and things have been running well. We are trying to migrate from the one server we are on now, to two new servers for performance and growth reasons. The old server is mail-2 (don't ask). The new servers are mail-101 and mail-102.

All of the mail server sit behind a firewall and a Foundry Load Balancer.

All of the servers are running perdition on the standard ports.

What I've successfully done so far, is:

  1. Install LDAP on mail-101
  2. Promote mail-101 to LDAP Master
  3. Install everything else (store, mta, etc...) on mail-101
  4. Move a single mailbox from mail-2 to mail-101 (using zmmailboxmove)

Where I'm having trouble, is with the following:

  1. Users connecting with webmail to our external mail server (webmail.domain.com) work fine, if their mailbox is on mail-2. If their mailbox is on mail-101, the client tries to connect directly to mail-101, which doesn't have a direct external e-mail. I've seen some other threads about this, and about using apache reverse or forward proxy, but nothing that says how to tell apache (or anything else)which mail server to go to. I'd hate to have to define a rule for each user to tell whether to go to mail-101 or mail-102.
  2. I can connect an IMAP client directly to mail-101 and see the user's mail, for the user I moved. If I connect the client to mail-2, though, the user cant' connect. The perdition logs (when d and c are set) show that the login failed, but it looks like this in the log:
    Aug 14 17:57:15 mail-2 perdition[29029]: CLIENT: "2 LOGIN fred flintstone\r\n"
    Aug 14 17:57:15 mail-2 perdition[29029]: SELF:   "fred {10}\r\n"
    Aug 14 17:57:15 mail-2 perdition[29029]: REAL:   "flim0b NO [REFERRAL imap://fred%40domain.com@mail-101.colo.domain.com/] LOGIN failed\r\n"
    Aug 14 17:57:18 mail-2 perdition[29029]: Auth:> user="fred" server="localhost" port="7143" status="failed: Re-Authentication Failure
    Any thoughts on what I might be missing here? I've done everything I could find in the wiki and the forums with perdition to make this work.

Thanks for the help on both of these issues!

-steve j