Mail Transfer Agent (MTA) is a software that transfers e-mail messages from one computer to another via SMTP.
Mail Routing Scenarios
We want to introduce you to some pretty common scenarios that you will face in your day-to-day. Before we start, I’d like to remember you that in order to be able to send and receive mail you need valid DNS recors.
Sending mail from Zimbra to another server
In order to perform mail sending to a remote domain, Zimbra will look up MX record(s) in the DNS of that domain. The MX record directs to the hostname of the machine receiving the message. This, again, has an A record within the DNS. Below is an example of how you can check these two aspects via command line.
Assuming we have a domain called “sampledomain.com” we can check the MX record:
$ host -t mx sampledomain.com
And having on that domain an hostname called mail.sampledomain.com, we can also check the A record:
$ host -t a mail.sampledomain.com
Sending mail from Zimbra to Zimbra
This scenario is quite similar to the previous one. Again to send mail to a domain hosted on a Zimbra server, Zimbra will look in DNS for MX record(s) for that domain.
There is a peculiarity to this scenario. If your Zimbra server has a private IP, you will have to use what is called “split dns” otherwise you risk not being able to send mail to other users on the same server.
Sending mail from a server on internet to Zimbra
This scenario works very similarly to the first one we saw, only in reverse. In this case, in fact, a remote MTA to send mail to a Zimbra server, will go looking for MX record(s) in DNS for the destination domain. After that, it will go looking for the A record for that domain so that it can connect to the appropriate server (Zimbra in this case) and deliver the mail.
Please note that if MX and A entries are not available in public DNS, you may not be able to receive e-mail from remote accounts.
One last note concerns DNS lookups. Be careful that if you disable this feature, via admin console or the zmprov command, Zimbra will go to use the “gethostbyname() system library routine which normally also looks in /etc/hosts”.
If you make this choice without also specifying the SMTP relay host, you’ll find yourself able to send mail to other Zimbra server users, but you won’t be able to send them to the network, although you’ll probably still be able to receive mail from internet.
Incoming and Outgoing mail security
Now that we have seen how MTA works in the management of sending and receiving e-mails, it is important not to forget to always keep a close eye on protecting your messages both outgoing and incoming, to avoid unpleasant surprises related to viruses or intrusions, and useless spam. In this regard I refer you to two articles that explain in detail how to act on this aspect in Zimbra:
- Zimbra Best Practices: Incoming Mail Protection
- Zimbra Best Practices: Improve outgoing Email Security