Configuring PMG

jose valdez

New Member
Oct 16, 2018
18
0
1
52
Hello gentlemen, I like to greet you. I was observing what was published on Proxmox Mail Gateway. I installed it under a virtual server interacting with the Zimbra and Endian server. What I want to do is just apply the spam rules on the outgoing emails from Zimbra, so that Proxmox Mail Gateway analyzes them and if the rules are passed out through the Endian firewall. But I do not see traffic on my PMG map, and I do not know if this happens to me because of a configuration error in the Proxmox Mail Gateway.

The infrastructure is defined as follows:

IP Zimbra email server: aaaaaaa (example)
IP PMG: BBBBBB
Endian IP firewall: CCCCCCCC


And it is defined in the mail proxy configuration:

Relay by default: aaaaaaa
SMTp port: 25
Smarthost: CCCCCCCC

In the relay domain section, I included only the domain that the emails use.

In the ports section, leave them like this:

External SMTP port: 25
Internal SMTP port: 26


Please can you give me a light to see if I can terminal to implement the solution.

Thank you
 
Hi,

you're in the german forum, so I'm afraid, your post is in the wrong thread. However, if you want outgoing mails been checked, you need to direct your Zimbra server to use bbbb at port 26 as relay host for outgoing mails and if they then should pass Endian as well, you need additional to set cccc at maybe port 25 as additional relay host on PMG. You setup looks a bit confusing based on your description above.

So Zimbra => PMG:26 => Endian is what you want to do? Then you need to adjust Zimbra to forward to PMG and then PMG to forward to Endian.

Regards,
Christian
 
Hi,

you're in the german forum, so I'm afraid, your post is in the wrong thread. However, if you want outgoing mails been checked, you need to direct your Zimbra server to use bbbb at port 26 as relay host for outgoing mails and if they then should pass Endian as well, you need additional to set cccc at maybe port 25 as additional relay host on PMG. You setup looks a bit confusing based on your description above.

So Zimbra => PMG:26 => Endian is what you want to do? Then you need to adjust Zimbra to forward to PMG and then PMG to forward to Endian.

Regards,
Christian
Hi,

you're in the german forum, so I'm afraid, your post is in the wrong thread. However, if you want outgoing mails been checked, you need to direct your Zimbra server to use bbbb at port 26 as relay host for outgoing mails and if they then should pass Endian as well, you need additional to set cccc at maybe port 25 as additional relay host on PMG. You setup looks a bit confusing based on your description above.

So Zimbra => PMG:26 => Endian is what you want to do? Then you need to adjust Zimbra to forward to PMG and then PMG to forward to Endian.

Regards,
Christian
Hi, thank you very much for your response, grateful. But I still have a doubt, in Proxmox Mail Gateway where I must perform the configuration so that the emails are delivered from PMG to the ENDIAN. Please, I would very much like to thank you for this clarification.
 
Hi, thank you very much for your response, grateful. But I still have a doubt, in Proxmox Mail Gateway where I must perform the confiuration so that the emails are delivered from PMG to the ENDIAN. Please, I would very much like to thank you for this clarification.
 
[QUOTE = "heutger, post: 226045, miembro: 56237"] Hola,

para enviar correos electrónicos de PMG a Endian (creo que salientes, ¿no?), debe configurar el smarthost en Endians Mail Proxy.

Saludos,
Cristiano [/ CITA]
 
Hi,

for sending mails from PMG to Endian (I believe outbound then, right?) you need to set the smarthost to Endians Mail Proxy.

Regards,
Christian

Thank you very much Cristiano for your clarification. But excuse my ignorance of PMG. I imagine that you recommended me to do it also must do it in PMG, right? This I configure in the SmarHost parameter located in the Relaying Mail Proxy section of the PMG?

What value should I place in the Default Relay parameter and in the SMTP Port parameter located in the PMG Relaying Mail Proxy section?

In Zimbra, I am placing the IP address of my PMG server with port 26 on the destination parameter of MTC, is this configuration OK? additional should I create an open relay in zimbra to send the outgoing emails to the PMG?
Please your clarifications would help me confirm if I am configuring well the platforms involved.
Thank
Definiciones de thank
Verbo
express gratitude to (someone), especially by saying “Thank you”.
Mac thanked her for the meal and left
sinónimos: express (one's) gratitude to, express one's thanks to, offer/extend thanks to
 
Yes, you need to configure smarthost in the GUI of PMG. You need to enter the IP or hostname of your Endian there, if I understood your setup correct.

Sounds good, however, I have no experiences with Zimbra yet, I never worked with.

You should not set an open relay in Zimbra, just use the option (should be similar), that Zimbra relays its mail via "smarthost" or however it's named there with the IP of PMG and the port 26.

You may try out in a test installation, as I have no experience with Zimbra or Endian, I just can expect, what you need to set as all systems are somehow similar, but they are not the same.
 
Yes, you need to configure smarthost in the GUI of PMG. You need to enter the IP or hostname of your Endian there, if I understood your setup correct.

Sounds good, however, I have no experiences with Zimbra yet, I never worked with.

You should not set an open relay in Zimbra, just use the option (should be similar), that Zimbra relays its mail via "smarthost" or however it's named there with the IP of PMG and the port 26.

You may try out in a test installation, as I have no experience with Zimbra or Endian, I just can expect, what you need to set as all systems are somehow similar, but they are not the same.

What value should I place in the Default Relay parameter and in the SMTP Port parameter located in the PMG Relaying Mail Proxy section?
 
Hello, first of all, thank you very much for the information provided. But I still do not see the Proxmox Mail Gateway working with the outgoing emails sent to them by Zimbra mail server.

I inform you to apply your recommendations but I do not see traffic of outgoing emails in the PGM, I explain what I did:

1.- In the MTA of the Zimbra mail server, place the IP of the PGM with port 26. The ip of the PGM is 172.100.172.20 and that of Zimbra is 172.100.172.25.

2.- In the PGM network configuration and time set the IP of the PGM, sub network and gateway.

3.- In the PGM section Mail Proxy Configuration configure them as follows:
Default Relay Place the ip of the Endian Firewall

SMTP Port: 25

smarthost: none

Relay Domain: ferrominera.gob.ve (Domain of the mails that go out from Zimbra)

External Port: 25
Internal Port: 26

This was the configuration that you make so that only the outgoing emails that have the domain ferrominera.gob.ve pass through the PGM.

With the changes I made now, I do not see any information in the PMG Tracking Center, but the statistics of the incoming and outgoing traffic of the network that are shown in the Server Administration section, but the mail does not go through the Endian firewall, despite the fact that have created the security rule.

If I am armed with something of the configuration of the PGM that you specify, you can indicate it to me to make the corrections.

I would appreciate your help.
 
Hi,

how was the setup before PMG on Zimbra? Did you check the logs?

In Mail Proxy Relaying the default relay shouldn't be Endian, it should be Zimbra, you set where to relay incoming mails to (after spam check) (see admin guide and read the manual). For outgoing mails you need to set Endian IP and optional port (if not 25) at smarthost. Relay Domains is fine.

So Internet => Endian => PMG => Zimbra - this last step (PMG => Zimbra) is done by the default relay setting (or if you want to set separate destinations, you need to use the Transports tab for each separate domain) meanwhile Zimbra => PMG => Endian => Internet - this last step (PMG => Endian) is done by smarthost setting (with optional port could be set, if different from 25).

Regards,
Christian
 
Hello, thank you very much for your answer.

I answer what you ask me:

In Zimbra at the MTC level, the PMG IP was configured with port 26.

PMG does not receive incoming emails since ENDIAN is configured to send these emails to Zimbra, after passing through another spam solution.

On what you recommended me to configure the ENDIAN IP, you could please tell me in which PMG section I should do this.

Thankful for your help.
 
At this point I get messages from outside but when my mail server sends an email to my mail-gateway, it is not able to send it abroad, simply in the logs it shows RELAY ACCESS DENIED (FROM: my internal network or mailserver TO: Internet). The way that the mail does is:

IN: internet - MX(mailgateway) - internalmailserver ((IT IS FINE))

OUT: internalmailserver - MX(mailgateway) - Internet ((RELAY ACCESS DENIED))

Log------------------------------------------------- -------------------------------------------
From internalmailserver (uo.edu.cu) to MX(mailgateway) ((RELAY ACCESS DENIED))

Jan 31 16:14:34 mx3 postfix / smtpd [5674]: NOQUEUE: reject: RCPT from zmta1.uo.edu.cu [10.30.1.58]: 454 4.7.1 <geoffrey_holyfield@gawab.com>: Relay access denied; from = <anuario@uo.edu.cu> to = <geoffrey_holyfield@gawab.com> proto = ESMTP helo = <zmta1.uo.edu.cu>

Somebody help me?
 
I put my subdomain zimbra servers in relay domain and they are in the same subnet. However, in network I also put the complete mydomain/ 24 subnet. Everything is in the same subnet and the RELAY ACCESS DENIED error persists. Also in Transport I put my hostmail:25.

IN: OK
OUT: Relay access denied

Feb 1 12:35:29 mx3 postfix/smtpd[1898]: NOQUEUE: reject: RCPT from zmta1.uo.edu.cu[10.30.1.58]: 454 4.7.1 <lyda.michels@gmail.com>: Relay access denied; from=<anuario@uo.edu.cu> to=<lyda.michels@gmail.com> p
roto=ESMTP helo=<zmta1.uo.edu.cu>

Any idea?
 
I forget something: My PMG server has two interfaces (Internet IP) and (private IP) and my zimbra has only private IP. They are in the same subnet by the private ip. I do not know if that has to do with the error.
 

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!