SMTP Relay Naming Issue

A few years ago I set up a Zimbra mail server behind Sophos UTM using Email Protection. Configuration for incoming mail went smoothly, but I ran into an issue with outgoing mail when using the UTM for relaying. It's been a few years so I'm a little foggy on the details, but the problem as I remember it was that the host name configured in Zimbra was mail.domain.com, which was the same name as the UTM SMTP relay. Because the two names were the same, when Zimbra sent mail to the relay it was rejected. The UTM and the mail server argued over having the same name. I resolved the issue by renaming the mail server to mail.domain.local so they didn't argue, and then set up a second domain on Zimbra for mail.domain.com.  With this configuration everything works, but I've never been happy with it. I feel that there may be a more elegant way of doing things. Changing the SMTP hostname on the UTM doesn't seem like a good option since it's checked by receiving mail servers and should match RDNS and such. Perhaps I could leave the mail server name mail.domain.com and then modify the email header configuration in Zimbra to use a different name, but I've not looked into how that might be accomplished in Zimbra. 

 
I'm about to set up a new mail server so I'm reconsidering my configuration. Does anybody have a better way of dealing with the issue than what I've found?


This thread was automatically locked due to age.
  • Maybe this is a DNS MX record problem

  • MX.DOMAIN1.COM points to utm.example.com
    MX.DOMAIN2.COM points to utm.example.com

    utm.example.com should accept emails for domains @MX.DOMAIN1.COM and @MX.DOMAIN2.COM and route to the Zimbra mail server. The Zimbra mail server should also accept both domains, and send the emails with a connector to utm.example.com (internal IP).

    Don't define different hostnames based on different domains for utm.example.com

  • The IP of the UTM proxy should have an RDNS entry for that IP. Most people would have to contact their ISP to get this changed. Once changed, you would normally enter this into the UTM Proxy.

    The UTM proxy would then do the routing to X amount of domains behind it. It doesn't matter what these are called.

    When an anti-spam solution runs a check, it will look for the RDNS entry of the sending mail server, which in this case is the UTM, and the RDNS entry will match.

    Think about users using a hosted anti-spam solution or a smart host. Mail comes via that host, which certainly won't be their domain name, e.g. mail from mydomain.com will appear to come from antispam.trendmicro.com, and only the RDNS for that server is important in this case.

    Now when you get to SPF, DMARC, etc., you will have to look at these carefully, e.g. in the above case, that antispam.trendmicro.com is allowed to send for mydomain.com, etc.

    And of course, your MX records will have to use the UTM MX records rather than their domain.
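
The checks described in the reply above, as an added example that is not part of any post in this thread: the relay's HELO name must be forward-confirmed by rDNS, and each sender domain's SPF record must authorize the relay's IP. All names, addresses and DNS records are constructed sample data, and the SPF evaluation is simplified to pass-qualified `ip4` and `include` mechanisms only.

```python
import ipaddress

# Constructed sample zone data (documentation addresses, not from the thread).
DNS = {
    "PTR": {"203.0.113.25": ["utm.example.com"]},
    "A": {"utm.example.com": ["203.0.113.25"],
          "mail.domain1.com": ["203.0.113.25"]},
    "TXT": {
        "domain1.com": ["v=spf1 include:_spf.example.com -all"],
        "domain2.com": ["v=spf1 ip4:198.51.100.0/24 -all"],
        "_spf.example.com": ["v=spf1 ip4:203.0.113.25 -all"],
    },
}

def fcrdns(ip, helo, dns=DNS):
    """True if a PTR name of ip resolves back to ip and equals the HELO name."""
    confirmed = [n for n in dns["PTR"].get(ip, []) if ip in dns["A"].get(n, [])]
    return helo.lower().rstrip(".") in (n.lower().rstrip(".") for n in confirmed)

def spf_allows(domain, ip, dns=DNS, depth=0):
    """Simplified SPF: only pass-qualified ip4 and include are evaluated."""
    if depth > 10:  # guard against include loops
        return False
    for txt in dns["TXT"].get(domain, []):
        terms = txt.split()
        if not terms or terms[0].lower() != "v=spf1":
            continue
        for term in terms[1:]:
            term = term.lstrip("+")
            if term.startswith("ip4:"):
                net = ipaddress.ip_network(term[4:], strict=False)
                if ipaddress.ip_address(ip) in net:
                    return True
            elif term.startswith("include:"):
                if spf_allows(term[8:], ip, dns, depth + 1):
                    return True
    return False

def check_relay(ip, helo, sender_domains, dns=DNS):
    """Report FCrDNS for the relay and SPF authorization per sender domain."""
    report = {"fcrdns": fcrdns(ip, helo, dns)}
    for domain in sender_domains:
        report[domain] = spf_allows(domain, ip, dns)
    return report

if __name__ == "__main__":
    print(check_relay("203.0.113.25", "utm.example.com",
                      ["domain1.com", "domain2.com"]))
```

In the sample data the relay passes FCrDNS under its single name, domain1.com authorizes it through an `include`, and domain2.com does not list the relay at all, which is the kind of gap to look for before moving outbound mail behind a relay.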

  • It is not explained in what direction the emails are rejected.