Results 1 to 6 of 6

Thread: zimbraMtaRestriction makes it impossible to send mail

  1. #1
    rty
    rty is offline Active Member
    Join Date
    Dec 2006
    Posts
    27
    Rep Power
    8

    Default zimbraMtaRestriction makes it impossible to send mail

    zimbraMtaRestriction "reject_rbl_client cbl.abuseat.org" is very nice for not receiving spam.
    However, I am getting the impression that it also sometimes prohibits authenticated users from sending legitimate mail:

    Sep 20 11:03:10 zimbra postfix/smtpd[17900]: connect from unknown[194.24.158.17]
    Sep 20 11:03:11 zimbra postfix/smtpd[17900]: setting up TLS connection from unknown[194.24.158.17]
    Sep 20 11:03:14 zimbra postfix/smtpd[17900]: TLS connection established from unknown[194.24.158.17]: SSLv3 with cipher RC4-MD5 (128/128 bits)
    ...
    Sep 20 11:03:57 zimbra postfix/smtpd[17900]: F2B431DA307: client=unknown[194.24.158.17], sasl_method=LOGIN, sasl_username=rainer
    Sep 20 11:04:02 zimbra postfix/cleanup[21951]: F2B431DA307: message-id=<20070920090357.F2B431DA307@zimbra.mexxxxxxd.co m>
    Sep 20 11:04:02 zimbra postfix/qmgr[24220]: F2B431DA307: from=<rainer@xxxxxxm>, size=2231, nrcpt=1 (queue active)
    Sep 20 11:04:03 zimbra postfix/smtpd[17900]: disconnect from unknown[194.24.158.17]
    ....
    Sep 20 11:04:04 zimbra postfix/cleanup[21951]: E19041DF14D: message-id=<20070920090357.F2B431DA307@zimxxxxxxxxxd.com>
    Sep 20 11:04:04 zimbra postfix/qmgr[24220]: E19041DF14D: from=<rainer@txxxxom>, size=2924, nrcpt=1 (queue active)
    Sep 20 11:04:04 zimbra postfix/smtp[21994]: F2B431DA307: to=<andi@ifsxxxxxxxxxac.at>, relay=127.0.0.1[127.0.0.1], delay=8, status=sent (250 Ok: queue
    d as E19041DF14D)
    Sep 20 11:04:04 zimbra postfix/qmgr[24220]: F2B431DA307: removed

    so far, so good. But:

    Sep 20 11:10:09 zimbra postfix/smtpd[24153]: connect from unknown[194.24.158.17]
    Sep 20 11:10:13 zimbra postfix/smtpd[24153]: NOQUEUE: reject: RCPT from unknown[194.24.158.17]: 554 Service unavailable; Client host [194.24.158.17]
    blocked using cbl.abuseat.org; Blocked - see CBL Lookup for 194.24.158.17 from=<rainer@tcccccccm> to=<andi@ixxxxxxx.ac.at>
    proto=ESMTP helo=<Inbox>
    Sep 20 11:10:15 zimbra postfix/smtpd[24153]: disconnect from unknown[194.24.158.17]

    So, despite having logged in successfully with SASL, I was denied my request of sending mail. Is there a way of using the ZimbraMtaRestriction for receiving mail without making it hard for legitimate users to send mail?

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,469
    Rep Power
    56

    Default

    So, are you saying that this 194.24.158.17 is your IP address where you've logged in from? How would you expect to deliver mail to Zimbra when using the rbl at reject_rbl_client cbl.abuseat.org when that IP is actually listed at that RBL?

    You've asked Zimbra to block mail from listed IPs, it does what you've asked and blocked that IP after referring to the RBL. I'm slightly confused (unless I've missed something in your post), could you tell me why you think that's incorrect?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    rty
    rty is offline Active Member
    Join Date
    Dec 2006
    Posts
    27
    Rep Power
    8

    Default

    Quote Originally Posted by phoenix View Post
    So, are you saying that this 194.24.158.17 is your IP address where you've logged in from?
    yes. (with my mobile handset, where I have no control over what IP address gets assigned to me, I often happen to get a blacklisted one).

    Quote Originally Posted by phoenix View Post
    How would you expect to deliver mail to Zimbra when using the rbl at reject_rbl_client cbl.abuseat.org when that IP is actually listed at that RBL?
    I am not asking it to deliver mail to Zimbra. I just want to be able to use my Zimbra server to send mail to other people, even with my mobile handset.

    I would expect the Zimbra blocking to have an effect on incoming mail, not on outgoing mail that is sent by authenticated users of my own server.

  4. #4
    mmorse's Avatar
    mmorse is offline Moderator
    Join Date
    May 2006
    Location
    USA
    Posts
    6,242
    Rep Power
    21

    Default

    You could temporarily add it to 'trusted networks'...
    As long as your provider hands out dynamic ip's...but are they all in 192.24 range that you would be comfortable adding that whole range?

    (then add that to the trusted_networks section in /opt/zimbra/conf/spamassassin/local.conf)
    -What networks or hosts are 'trusted' in your setup. 'Trusted' in this case means that relay hosts on these networks are considered to not be potentially operated by spammers, open relays, or open proxies. A trusted host could conceivably relay spam, but will not originate it, and will not forge header data. DNS blacklist checks will never query for hosts on these networks.


    Why was it blocked?-well the previous owner seems to have been busy:
    ----
    abuseat:
    IP Address 194.24.158.17 was found in the CBL.
    It was detected at 2007-09-19 08:00 GMT (+/- 30 minutes), approximately 1 days, 4 hours ago.
    It has been relisted following a previous removal at 2007-09-12 14:38 GMT
    Request delisting of 194.24.158.17.

    ----
    spamcop:
    194.24.158.17 listed in bl.spamcop.net (127.0.0.2)

    If there are no reports of ongoing objectionable email from this system it will be delisted automatically in approximately 21 hours.

    Causes of listing
    * System has sent mail to SpamCop spam traps in the past week (spam traps are secret, no reports or evidence are provided by SpamCop)

    Additional potential problems
    (these factors do not directly result in spamcop listing)
    * DNS error: 194.24.158.17 has no reverse dns

    Because of the above problems, express-delisting is not available

    Listing History
    In the past 13.7 days, it has been listed 6 times for a total of 11.8 days
    Other hosts in this "neighborhood" with spam reports
    194.24.158.16

    ----
    spamhaus:
    194.24.158.17 is not listed in the SBL
    194.24.158.17 is not listed in the PBL
    194.24.158.17 is listed in the XBL, because it appears in:
    cbl.abuseat.com
    Last edited by mmorse; 09-20-2007 at 05:26 AM.

  5. #5
    rty
    rty is offline Active Member
    Join Date
    Dec 2006
    Posts
    27
    Rep Power
    8

    Default

    well, thanks, but this all does not address my underlying problem:

    - users log into my Zimbra server for the purpose of sending mail; they can have any dynamically assigned IP address that has previously been used by busy spammers; I don't trust those hosts, but I do trust my own server's users once they have authenticated themselves

    - I don't want my Zimbra users to be flooded with spam

    - I do want my Zimbra users to be able to send mail, even if they have been dynamically assigned a blacklisted IP address

    So, in other words, I want to reject incoming mail from blacklisted IP addresses, but I want my own Zimbra users to be able to send mail elsewhere, even if they are using a blacklisted IP address. Is this just impossible with Zimbra?

  6. #6
    rty
    rty is offline Active Member
    Join Date
    Dec 2006
    Posts
    27
    Rep Power
    8

    Default

    Actually, it would be even better if my users could make their mail originate from my Zimbra server instead of from their blacklisted IP address, but without using the web client (since that's really tedious with a small screen).
    Is it possible to set up some sort of SMTP proxy that would make it look to Zimbra as if my users would write their mail on the Zimbra server instead of on their possibly blacklisted handheld device? That would also make it more likely that they would reach their recipients.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Problems with port 25
    By yogiman in forum Installation
    Replies: 57
    Last Post: 06-13-2011, 01:55 PM
  2. Replies: 7
    Last Post: 02-03-2011, 07:01 AM
  3. fresh install down may be due to tomcat
    By gon in forum Installation
    Replies: 10
    Last Post: 07-25-2007, 08:09 AM
  4. DynDNS and Zimbra
    By afterwego in forum Installation
    Replies: 30
    Last Post: 04-01-2007, 03:34 PM
  5. receiveing mail
    By maybethistime in forum Administrators
    Replies: 15
    Last Post: 12-09-2005, 04:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •