DNS/FQDN/Mail Server Setup/Help

[calciumkid]

Hi All,

I've been using zentyal for several months now, and for quite a long time I've been having a problem with my config. I have had a mail server set up, running with the virtual domain set to my (registered) domain (isabarwon.com).

I have been able to send and receive emails on it, via the zentyal webmail without issue. However, when setting up my PC to connect via Outlook, or my Mac with Mail, when putting in the IP of my server it gave me an SMTP 504 Helo command error, stating it needed an FQDN.

Today, I clean installed my server to the 2.2rc1. Upon attempting to set everything up again, I still encounter this error. I have also discovered another thing, which was also apparent in my old config. I cannot ping the hostname of my Zentyal box (whether I ping "zentyal" or "zentyal.isabarwon.com" it still says host unknown).

My config is as follows-
modem (192.168.0.1) --> zentyal wan port (192.168.0.3)
                              --> zentyal lan port one (10.0.1.1, DHCP range) --> multiple pcs via switch
                              --> zentyal lan two (10.0.2.1, DHCP range) --> one PC

zentyal hostname: zentyal (i have also tried it with "zentyal.isabarwon.com")
registered domain name: isabarwon.com (registered with domain registrar, the name servers are set to the domain registrars name servers, which forward the domain to my WAN ip)

Could someone explain to me how to get the rest of this up and working? I have added a domain to the zentyal DNS server "isabarwon.com" for use as the DHCP search domain on my IP ranges on the lan ports, this hasn't been able to allow me to ping my zentyal box.

I should also mention I have tried to set everything up with a local domain of "isabarwon.local" incase it had something to do with my domains name servers. I must have done this wrong because then absolutely nothing worked.

I have to be missing something I guess. Any help would be great.

Regards,
calciumkid

[calciumkid]

Googled a bit more and got it working.

Never mind the above-

I have one remaining question however.

How can I set my SMTP server to accept relay from all IP addresses?

[christian]

Googled a bit more and got it working.
Never mind the above-

Too late    once you have raised the point, it may help others having same kind of question to understand what you did to solve the issue you were facing. That's the main purpose of such "users" forum isn't it?

How can I set my SMTP server to accept relay from all IP addresses?

  Do you really understand what this would mean? I don't think so otherwise it's very unlikely that you would target this.
I suppose you instead want to relay only mail sent from your intranet (internal network) to internet? Am I correct?

[calciumkid]

Hi Christian-

I solved my issue by reinstalling zentyal. From there, I setup specific hostnames under my DNS server, which then worked perfectly. I had my internal DNS the same as my external, and now that my internal DNS server is responding to the ping of my hostname with an internal IP rather than external, my SMTP server began to work. It was my own (foolish) overlook in the end!

And basically, I want my laptop to be able to still send messages on the SMTP server whether internal or external. Currently if I am connected via LAN everything works perfect, however, externally (ie, when I am at work connecting via WAN or via my mobile phone etc) I may recieve emails via IMAP, but I cannot send them (the SMTP server rejects me). Ultimately, I'd like to enable SMTP authentication then allow any IP to send mail via the server.

Cheers.

[calciumkid]

Another issue:

Upon adding computers to my zentyal domain, I get the following error (tried windows clean installs etc) "The trust relationship between this workstation and the primary domain failed."

Any ideas? I found a few topics on here about it, all which were no help.

[jsalamero]

When sending authenticated mail you don't need to have a FQDN on you client, otherwise you need so, as you are supposed to be an other mail server. Don't open your SMTP server to all addresses as you will be used to send spam and your server will be blacklisted.

[half_life]

I solved this issue by using the vpn server.  Anyone in the company can send email while off site only if connected by vpn or using the zaraffa web interface. 

[calciumkid]

Hmm- VPN, tempting as it is, may be a tad bit past my parents intellectual level in regards to the fact they mainly use email via their iPads.

I'm currently running the zentyal beta- there is no option in mail server settings to enable SMTP auth?

Cheers

[christian]

he he  ESMTP...  Postfix can do it, definitely but it's a bit complex isn't it?
Suppose you have set-up Postfix to accept authenticated SMTP session only, how are you going to receive mail from external servers not implementing ESMTP?

This works (I'm not writing here that it doesn't) because SMTP-auth can be set-up to control relaying only but it's not exactly straightforward (I mean it's not matter of adding permit_sasl_authenticated in the conf but to deal with non standard mail clients too).

Postfix documentation describes set-up rather clearly. You can still implement it modifying *.mas files, give a try and add a post in the "feature request" section if it fits your expectations.

Frankly speaking, even if my comment looks like I'm against the "ESMTP" idea, it's just the opposite  not because SMTP-AUTH is a must for me but because this is required if you want to implement masquerading and avoid ID spoofing    but we are not yet at this stage isn't it?

[Sam Graf]

Hmm- VPN, tempting as it is, may be a tad bit past my parents intellectual level in regards to the fact they mainly use email via their iPads.

I'm currently running the zentyal beta- there is no option in mail server settings to enable SMTP auth?

Cheers

If you're running the RC, you could give your parents the benefit of the doubt and try out the new PPTP VPN service, if they're willing. Once it's set up, it is pretty simple to use on an iPad. Just a thought.

[calciumkid]

All I'm going to say is that my mother gets confused as to how to get back to the homescreen after opening an app- vpn isnt suitable.

Is there a simple way to enable smtp auth like ISPs do?

[jsalamero]

SMTP auth is enabled by default, just use SMTP TLS PLAIN.

[calciumkid]

and that will allow the sending of smtp messages from any host?