Relay Tips Based on User/Domain Receiver on Zimbra 8.5-8.6

Posted by

I have a condition where my customers cannot sending email for some domain by directly. I give an advice to them for using Relay for all external delivery. But they do not want all external delivery using relay for security reason. They want just some domain receiver for using relay. Okay, because them using Zimbra 8.5/8.6, i can do relay for some domain only.

# Create transport for domain receiver that would be relay

su - zimbra
vi /opt/zimbra/postfix/conf/transportfile

Fill with the following example

domain1.com       :[relay.example.com]
domain2.com       :[relay.example.com]
user1@domain3.com :[relay.example.com]

The above example, every sending email to domain1.com and domain2.com or user1@domain3.com, will be relay to relay.example.com. If your relay server using port such as 465, 587 or another port, you can change like this [relay.example.com]:587

# Postmap Transport

postmap /opt/zimbra/postfix/conf/transportfile

# Adding Transport table

zmprov ms mail.example.com zimbraMtaTransportMaps "lmdb:/opt/zimbra/postfix/conf/transportfile,proxy:ldap:/opt/zimbra/conf/ldap-transport.cf"

Change mail.example.com with your hostname of email server. Or you can using `zmhostname` for independently

# Restart Zimbra Services

zmcontrol restart

Please try to sending email. Every sending email to domain1.com and domain2.com or user1@domain3.com, email server will be relay to relay.example.com. if sending email to another domain, email server will directly without relay to relay server

Note : if adding/delete user or domain in transportfile, don’t forget to postmap and reload postfix Zimbra (postfix reload)

Good luck and hopefully useful 😀

39 comments

  1. I recently upgraded zimbra from 8.0.7 to 8.5.1. Before upgrade, my customers were using outlook to relay outgoing emails through zimra. The SMTP settings required them first authenticate using their username and password.

    However, after upgrade, the outlook can only fetch emails from zimbra(POP3) but they cannot send emails anymore. Each time they try to send email, outlook pops up asking for username and password. It appears that Zimbra 8.5.1 does not authenticate SMTP from remote clients anymore.

    Help me.

    Thanks.

    1. Hi Stanmak,

      Could you please give me information on zimbra.log while you are sending email using Outlook? could you also sent to me how you configure your Outlook?

  2. hi, thanks for your articles it works can you please give me link or article on how can i send emails on other domain emails

  3. Very interesting this tip. Is exactly what I was looking for. I can not send messages from a server to hotmail.com. Hotmail receives but does not put them in the users mailbox .
    But I can send messages to hotmail.com from another server that I own. Which in this case can be called mail.example.com

    I followed the steps but when I finish step 4, I get this message:

    “ERROR: account.NO_SUCH_SERVER (no such server: mail.example.com)”

    Obviously I put here the correct mail server (no mail.example.com) to do relay my messages to hotmail.com server.

    What is wrong?

  4. Hi. Excellent post. Just what I was looking for. Could you please just give me the direction to add user/password authentication to use on the relay server? When I try to send emails through external relay, I get the message asking for authentication. Thanx

  5. Hi Iman just a question. If I have 4 domains in my zimbra but i want to modify the relay for one of them I hace to declare de 4 domains in /opt/zimbra/postfix/conf/transportfile? or just the one that I want to modify?.

    I’m planing a migration and I want to createa domain in my zimbra and the accounts but I still need to deliver the mails to the actual smtp server if the users of the other domains in zimbra send emails to that domain.

  6. Hi Iman, thanks. Mayby I didn’t explain well. I want to be sure. My english isn’t good.

    In my zimbra I have 3 domains:

    @DomainA
    @DomainB
    @DomainC

    We have in external mail service the DomainD which we want to migrate to our zimbra server. But I need first to create the domain and all acounts, but meanwhile If any user from @domainA send an email to @domainD I want to deliver in the current relay which is still the external mail service.

    So, I understand I only need to declare @domainD in the .cf and the other domains will continue to working properly (delivering within zimbra).

    Thanks again.

    1. Hi,

      Please use the following command

      zmprov ms mail.example.com zimbraMtaTransportMaps "proxy:ldap:/opt/zimbra/conf/ldap-transport.cf"
      
  7. hi, I’m using Zimbra 8.0.4 and follow step “adding transport table” return error:
    “ERROR: account.INVALID_ATTR_NAME (invalid attr name: invalid attr name – unable to modify attributes: zimbraMtaTransportMaps: attribute type undefined)”
    please help to fix that problems.

    1. Hello,

      If using Zimbra 8.0.x, please use this command :

      zmlocalconfig -e postfix_transport_maps="hash:/opt/zimbra/postfix/conf/transportfile proxy:ldap:/opt/zimbra/conf/ldap-transport.cf"
      
      1. Hello
        following this “how-to-configure-outgoing-smtp-authentication” will afect only the specific domain or do we need to change anything to make that the relay is used only for the specific destination domains ?

        1. Hi SB5,

          Configure outgoing smtp authentication will effect on all domain. If you want specific destination domain, please don’t configure zimbraMtaRelayHost and use this guidance for specific destination domains

  8. Hi ,

    please help in the following

    i have 2 mail servers with domains abc.com and abc.def.com .the former one is in intranet and the other in internet.these 2 are having same users. my question is how to sync between these mail accounts.
    Thanks in advance:)

  9. Hi Iman :

    I’m using Zimbra 8.7, but I have a problem with the above configuration. Zimbra is set up with “domain1.com” and with some users inside (for instance user1 to user10), so ten internal email users on system.

    Imagine the content of the bysender file :

    user11@domain1.com [RelayInternalServer.domain1.com]
    ….
    ….

    So, If I send an email from Zimbra WebClient logged as “user1@domain1.com” to destination “user11@domain1.com” works like a charm, and I receive the message on user11 account on RelayInternalServer.domain1.com. Great !!! But… If I send an “external account” email (gmail, hotmail, wathever other external domain) to user11@domain1.com, the message come in to my zimbra but is rejected because “User unknown”


    Dec 14 09:57:48 mx4 postfix/smtpd[39609]: NOQUEUE: reject: RCPT from mail-wj0-f169.google.com[209.85.210.169]: 550 5.1.1 : Recipient address rejected: User unknown in virtual mailbox table; from= to= proto=ESMTP helo=

    Investigating a little bit more, the problem could be focused on “Relay Security” and “zimbraMtaMyNetworks”, because if I add on zimbraMtaMynetworks to everyone (0.0.0.0./0) the message arrives from gmail.com to my internal RelayInternalServer.domain1.com server, but making my server a pretty and insecure OpenRelay server:


    zmprov ms mx1.domain1.com zimbraMtaMyNetworks ‘127.0.0.0/8 [::1]/128 192.168.1.0/24 0.0.0.0/0’

    Any clue about this ?

    Kindly Regards.

    1. Hi,

      You should use transport mta for redirect email from outside. This guidance only work if sending email from your server to another server.

  10. Thanks for your feedback I used it today and it works very well.
    In fact, many articles use

    zmlocalconfig -e postfix_transport_maps=”texthash:/opt/zimbra/postfix/conf/transportfile proxy:ldap:/opt/zimbra/conf/ldap-transport.cf”

    But postfix reload does not retain the value because of /opt/zimbra/conf/zmconfigd.cf postconf overwrite of transport_maps based on the zimbraMtaTransportMaps variable. The GUI does not allow you to set transport_maps and you cannot edit or postconf -e transport_maps with any effect after reload.

    Much appreciated.

    1. Hi,

      I think this configuration has been suitable with your case

      zmprov ms mail.example.com zimbraMtaTransportMaps "lmdb:/opt/zimbra/postfix/conf/transportfile,proxy:ldap:/opt/zimbra/conf/ldap-transport.cf"
      
  11. Hello Iman, thank you for your nice post.

    I configured this on Zimbra 8.6 and it worked fine. However, after configuring it in 8.7 where multiple domains are hosted, my email send/receive stopped.
    e.g.
    domain1.com is the mother domain

    I added transport table using below command:
    zmprov ms mail.domain1.com zimbraMtaTransportMaps “lmdb:/opt/zimbra/postfix/conf/transportfile,proxy:ldap:/opt/zimbra/conf/ldap-transport.cf”

    After executing it and restarting zimbra service, while I was going to send an email it showed error: temporary lookup failure.

    Any solution on this would be appreciated.

  12. Hi Iman,

    I’m using Zimbra 8.7.5 and tried above steps but not working. Can you guide me settings for Zimbra 8.7.5?

    Thanks,
    Amit

    1. Hello Amit,
      This file is not available on Zimbra 8.7.x and latest

      /opt/zimbra/postfix/conf/transportfile
      

      Please adjust with your version

    1. Hello,
      You only need add IP address your email server on Zimbra that configured as mail gateway in the trusted network. Then, your Zimbra has been act as mail gateway

Leave a Reply to Alexandre Cancel reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.