Incoming Mail Problems: Difference between revisions
No edit summary |
No edit summary |
||
(One intermediate revision by one other user not shown) | |||
Line 3: | Line 3: | ||
<div class="col-md-12 ibox-content"> | <div class="col-md-12 ibox-content"> | ||
=Troubleshooting incoming mail problems= | =Troubleshooting incoming mail problems= | ||
{{KB|{{ZC}}|{{ZCS 8. | {{KB|{{ZC}}|{{ZCS 8.8}}|{{ZCS 8.7}}|{{ZCS 8.6}}|}} | ||
==Problem== | ==Problem== | ||
Line 37: | Line 37: | ||
ZCS 8.5 or above onwards this attribute is now in ldap - zimbraMtaLmtpHostLookup | ZCS 8.5 or above onwards this attribute is now in ldap - zimbraMtaLmtpHostLookup | ||
zmprov ms mtaserver.com zimbraMtaLmtpHostLookup native | zmprov ms mtaserver.com zimbraMtaLmtpHostLookup native | ||
zmprov ms `zmhostname` zimbraMtaLmtpHostLookup native | |||
In case that you are using Single Server, be aware always of the Global Config as well: | In case that you are using Single Server, be aware always of the Global Config as well: |
Latest revision as of 07:44, 20 April 2022
Troubleshooting incoming mail problems
Problem
If you're having trouble receiving mail from outside, you need to find out where the message is failing.
When sending your test message, check the Log Files, especially /var/log/zimbra.log, on your MTA server.
It's often helpful to tail the logfile as you send the message:
tail -f /var/log/zimbra.log
If you see nothing logged (no connection, nothing) then the problem likely either DNS or your firewall.
Resolution
Firewall
To troubleshoot your firewall, it helps to have an account on a system outside of your network.
For mail to flow inbound, servers on the internet need to connect to your MTA on port 25.
DNS issues
The mail domain that your user accounts are created under must have an MX record. To test this:
host -t mx domain
The IP address returned should be the IP (public or private) of your MTA. If it's the public address, make sure that the Firewall is forwarding port 25 to the MTA.
Mail is delivered to the MTA, but not to the mailbox
If there is a line in the /var/log/zimbra.log like:
postfix/lmtp ... deferred ... connection refused
There is no connection to port 7025 to perform Local Mail Transfer Protocol (LMTP) delivery.
This is nearly always caused by a host that is configured on private IP Space (or using NAT) and that does not have an interface for the public IP address the server resides on. This can be easily fixed by simply using native IP address lookups for lmtp rather than DNS. Alternatively, you could have your internal network's domain name configured to lookup differently internally than it does externally. Using that method is beyond the scope of this document.
Zimbra Collaboration 8.5 or above
ZCS 8.5 or above onwards this attribute is now in ldap - zimbraMtaLmtpHostLookup
zmprov ms mtaserver.com zimbraMtaLmtpHostLookup native zmprov ms `zmhostname` zimbraMtaLmtpHostLookup native
In case that you are using Single Server, be aware always of the Global Config as well:
zmprov mcf zimbraMtaLmtpHostLookup native
Once this is done, you'll need to restart the mta:
zmmtactl restart
Zimbra Collaboration 8.0 or previous
To lookup lmtp addresses natively instead of by DNS, simply modify the following localconfig values on all mta's:
zmlocalconfig -e postfix_lmtp_host_lookup=native
Once this is done, you'll need to restart the mta:
zmmtactl restart
Expected behavior
Postfix will now lookup IP's for lmtp natively rather than in DNS, so you'll just need to ensure the host is properly configured in /etc/hosts and things will work correctly.