Results 1 to 4 of 4

Thread: New installation: mail relay & SOAP problems

  1. #1
    Join Date
    Apr 2008
    Location
    At home :-). In a country which has 6 national languages and a gazillion dialects.
    Posts
    28
    Rep Power
    7

    Default New installation: mail relay & SOAP problems

    Hi all,

    Just installed 5.0.4 (typical that after that 5.0.5 comes out), and I used the "Zimbra on OpenSuSE 10.3" instructions.

    So far I've been able to receive mail on the one account I set up, but sending is bounced with a "sender not accepted" message, and in the logs it appears Zimbra's MTA seems to consider the sending a relay attempt.

    The mailbox.log is full of SOAP failures, in the middle we find (email target replaced):

    Caused by: com.zimbra.cs.mailbox.MailSender$SafeSendFailedExc eption: 554 5.7.1 : Relay access denied
    ; chained exception is:
    com.sun.mail.smtp.SMTPAddressFailedException: 554 5.7.1 : Relay access denied


    Interesting is that it appears the management console is also not able to authenticate properly, I can't see mail queue or anything else (comes up with some SOAP error).

    Further research shows that the management console on port 7071 also not kosher is: I get virtually every server function (queue check, for instance), thrown back at me with some SOAP auth problem message.

    Here's mailbox.log when that happens (domain name replaced with mydomain.net):

    2008-04-23 23:31:53,226 INFO [btpool0-41] [name=admin@mydomain.net;ip=127.0.0.1;ua=ZimbraWebC lient - IE6 (Win);] SoapEngine - handler exception
    com.zimbra.common.service.ServiceException: system failure: exception during auth {RemoteManager: sys.mydomain.net->zimbra@sys.mydomain.net:22}
    ExceptionId:btpool0-41:1208986313226:c3fbc78efa001c67
    Code:service.FAILURE
    at com.zimbra.common.service.ServiceException.FAILURE (ServiceException.java:253)
    at com.zimbra.cs.rmgmt.RemoteManager.getSession(Remot eManager.java:192)
    (it goes on like this).

    but it appears virtually nothing else works, coming up with SOAP errors. Maybe my hosts file is wrong, it looks a bit of a mess IMHO anyway:

    127.0.0.1 localhost.localdomain localhost

    # special IPv6 addresses
    ::1 localhost ipv6-localhost ipv6-loopback
    fe00::0 ipv6-localnet
    ff00::0 ipv6-mcastprefix
    ff02::1 ipv6-allnodes
    ff02::2 ipv6-allrouters
    ff02::3 ipv6-allhosts
    127.0.0.2 sys.mydomain.com sys
    123.123.123.123 sys.mydomain.com sys


    I'm not a complete novice but I'm new to Zimbra and how it does things. It thus seems logical that I have possibly done something simple wrong (the "duh" factor). Would anyone have a feeling where I screwed up?

    Thanks in advance,

    = CH =

  2. #2
    Join Date
    May 2006
    Location
    USA
    Posts
    6,242
    Rep Power
    21

    Default

    Quote Originally Posted by cheros View Post
    So far I've been able to receive mail on the one account I set up, but sending is bounced with a "sender not accepted" message, and in the logs it appears Zimbra's MTA seems to consider the sending a relay attempt.

    The mailbox.log is full of SOAP failures, in the middle we find (email target replaced):

    Caused by: com.zimbra.cs.mailbox.MailSender$SafeSendFailedExc eption: 554 5.7.1 : Relay access denied
    ; chained exception is:
    com.sun.mail.smtp.SMTPAddressFailedException: 554 5.7.1 : Relay access denied
    This when sending with a thick client?
    Post the output of:
    su - zimbra
    zmprov gs `zmhostname` | grep zimbraMtaMyNetworks
    postconf mynetworks

    Quote Originally Posted by cheros View Post
    Interesting is that it appears the management console is also not able to authenticate properly, I can't see mail queue or anything else (comes up with some SOAP error).

    Further research shows that the management console on port 7071 also not kosher is: I get virtually every server function (queue check, for instance), thrown back at me with some SOAP auth problem message.

    Here's mailbox.log when that happens (domain name replaced with mydomain.net):

    2008-04-23 23:31:53,226 INFO [btpool0-41] [name=admin@mydomain.net;ip=127.0.0.1;ua=ZimbraWebC lient - IE6 (Win);] SoapEngine - handler exception
    com.zimbra.common.service.ServiceException: system failure: exception during auth {RemoteManager: sys.mydomain.net->zimbra@sys.mydomain.net:22}
    ExceptionId:btpool0-41:1208986313226:c3fbc78efa001c67
    Code:service.FAILURE
    at com.zimbra.common.service.ServiceException.FAILURE (ServiceException.java:253)
    at com.zimbra.cs.rmgmt.RemoteManager.getSession(Remot eManager.java:192)
    (it goes on like this).
    Assuming you're using the standard ssh port:
    1. Check /etc/sshd_config and be sure it's set to 22
    2. stop/start/restart sshd
    Code:
    /etc/init.d/ssh restart
    3. su - zimbra
    4. Be sure zimbra's ssh port is set to 22
    Code:
    zmprov ms server.domain.com zimbraRemoteManagementPort 22
    5. Generate new ssh keys
    Code:
    cd /opt/zimbra/bin/
    ./zmsshkeygen
    6. Deploy the keys
    Code:
    ./zmupdateauthkeys
    To test this, you can run the following command:
    ssh -vi .ssh/zimbra_identity -o strictHostKeyChecking=no zimbra@server.domain.com -p 22
    -Shouldn't prompt you for a password at this point...then check the admin console mail queues area/servers/certificates.
    If you continue to get that error please see this doc for some more ideas Mail Queue Monitoring - Zimbra :: Wiki

  3. #3
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Quote Originally Posted by cheros View Post
    127.0.0.2 sys.mydomain.com sys
    You need to remove that line from your hosts file.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  4. #4
    Join Date
    Apr 2008
    Location
    At home :-). In a country which has 6 national languages and a gazillion dialects.
    Posts
    28
    Rep Power
    7

    Default Ah - I never have SSH on port 22 on a public system..

    Quote Originally Posted by mmorse View Post
    Assuming you're using the standard ssh port:
    1. Check /etc/sshd_config and be sure it's set to 22
    2. stop/start/restart sshd
    Code:
    /etc/init.d/ssh restart
    3. su - zimbra
    4. Be sure zimbra's ssh port is set to 22
    Code:
    zmprov ms server.domain.com zimbraRemoteManagementPort 22
    Ah - I wasn't aware it's using SSH internally. I never have SSH running on port 22 on a system that is publicly exposed because I don't want to trawl through a mile worth of logfile entries with dictionary attack failures :-).

    I'll first move the daemon back to port 22 and see what happens (and comment out the hosts file entry for 127.0.0.2 as phoenix pointed out), then run the commands as described above.

    If I want SSH elsewhere, is "zmprov" where that is adjusted in Zimbra?

    Be back later, but I think you may have already identified the "duh" in my config .

Similar Threads

  1. Replies: 7
    Last Post: 02-03-2011, 07:01 AM
  2. Problem with Postfix and MTA
    By ZMilton in forum Administrators
    Replies: 16
    Last Post: 04-16-2008, 07:47 AM
  3. [SOLVED] Mailserver down when send file attach of 50Mb
    By ZMilton in forum Administrators
    Replies: 20
    Last Post: 04-10-2008, 12:44 PM
  4. fresh install down may be due to tomcat
    By gon in forum Installation
    Replies: 10
    Last Post: 07-25-2007, 09:09 AM
  5. receiveing mail
    By maybethistime in forum Administrators
    Replies: 15
    Last Post: 12-09-2005, 04:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •