Page 1 of 3 123 LastLast
Results 1 to 10 of 25

Thread: [SOLVED] Authenticate SMTP with Active Directory

  1. #1
    pornsakb is offline Intermediate Member
    Join Date
    Sep 2007
    Posts
    21
    Rep Power
    7

    Default [SOLVED] Authenticate SMTP with Active Directory

    Hi,

    Please advise on how I can do the following:

    1. Force SMTP request to be authenticated with the Active Directory credential
    2. Allow users to send mails to arbitrary address

    I used the Admin interface to enable the "Enable Authentication" option in the MTA setting, but SMTP requests still gets processed without authentication. I don't know if this has to do with the fact that Zimbra is currently running in mixed mode (HTTPS for Auth then HTTP)

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,506
    Rep Power
    57

    Default

    Quote Originally Posted by pornsakb View Post
    1. Force SMTP request to be authenticated with the Active Directory credential
    What is it you're trying to achieve here? What you have set in the Admin UI is for external authentication of users logging into your server.

    Quote Originally Posted by pornsakb View Post
    2. Allow users to send mails to arbitrary address
    I don't understand what you mean by this, users can send email to any address they like. What is the problem you're seeing.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    pornsakb is offline Intermediate Member
    Join Date
    Sep 2007
    Posts
    21
    Rep Power
    7

    Default

    Hi Phoenix, please see my response below.

    Quote Originally Posted by phoenix View Post
    What is it you're trying to achieve here? What you have set in the Admin UI is for external authentication of users logging into your server.
    I want to force users to authenticate before they can send e-mail so that I can prevent spammer from using my SMTP server as a spam relay.

    Below is the Authentication setting currently configured.

    Authentication mechanism:
    External Active Directory
    LDAP bind DN template:
    %u@bar.local
    LDAP URL:
    ldap://foo.bar.local:389


    Quote Originally Posted by phoenix View Post
    I don't understand what you mean by this, users can send email to any address they like. What is the problem you're seeing.
    When a user tries to send e-mail to an address that is not being hosted locally, they get the following error message: "messages not sent; one or more addresses were not accepted."

  4. #4
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,506
    Rep Power
    57

    Default

    Zimbra is not an open relay by default, you don't have to make any modifications for it to do that.The authentication you're setting is for the Zimbra users when they login to your server.

    For your second problem you either have 'mynetworks' incorrectly configured or you have a DNS problem. For the mynetworks setting look at this wiki article, check that first and make sure that you have the 'Enable DNS lookups' option checked in the Admin UI/Global Settings/MTA tab.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  5. #5
    pornsakb is offline Intermediate Member
    Join Date
    Sep 2007
    Posts
    21
    Rep Power
    7

    Default

    Quote Originally Posted by phoenix View Post
    Zimbra is not an open relay by default, you don't have to make any modifications for it to do that.The authentication you're setting is for the Zimbra users when they login to your server.
    Currently users can send e-mails from their e-mail client without authenticating. How do I fix this?

  6. #6
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,506
    Rep Power
    57

    Default

    Do they login to your server? If they do then that is their authentication, they are also (probably) on the trusted network that will allow them to send email.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  7. #7
    pornsakb is offline Intermediate Member
    Join Date
    Sep 2007
    Posts
    21
    Rep Power
    7

    Default

    Phoenix, I tried sending mail by manually typing in SMTP commands and the message gets delivered without authentication. Trusted Network field is empty in the MTA section of the Admin UI.

  8. #8
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,506
    Rep Power
    57

    Default

    That's because you're on the trusted local network, you are not an open relay and what you're trying is perfectly normal. Check out some of the test on the internet (do a google) for testing your server for being an open relay. You could also check through the forums as this subject has come up once or twice.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  9. #9
    pornsakb is offline Intermediate Member
    Join Date
    Sep 2007
    Posts
    21
    Rep Power
    7

    Default

    Sending from e-mail client now works okay. Now, how do I configure the Web Mail MTA to work over SSL on port 465?

  10. #10
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,506
    Rep Power
    57

    Default

    Why do you want to change it from the default 443?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Page 1 of 3 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 1
    Last Post: 05-28-2008, 04:18 AM
  2. centos 5 zimbra 4.5.6 no statistics
    By rutman286 in forum Installation
    Replies: 9
    Last Post: 08-14-2007, 09:30 AM
  3. need advice on configuring zimbra to work with fax server
    By pheonix1t in forum Administrators
    Replies: 0
    Last Post: 07-11-2007, 07:46 PM
  4. Active Directory GAL Problem
    By TheZog in forum Installation
    Replies: 5
    Last Post: 04-06-2006, 05:48 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •