I have a box with Zimbra V5.0.1.
My problem is this: When trying to set the MTA Trusted Networks in the Zimbra Admin Utility to only trust the local box, (not the entire local network) it won't let me do it.
So to explain in a bit more detail:
When I log into the admin control panel and click on "Servers" -> "zimbra.domain.com" and then I click on the "MTA" Tab,
there is a field called "MTA Trusted Networks:".
This field is set to: 127.0.0.0/8 192.168.0.64/26
(the actual ip of the box is different and is a public address, I just used 192.168.0. for privacy reasons)
This means that for any box within the ip address range of 192.168.0.65 to 192.168.0.125 basically has a free pass to send email to anywhere unchecked. In other words, it is an open relay for any box within the ip address range. (I have checked it. It allows any box within that ip range send messages from whomever to whomever)
I tried to change the field from 127.0.0.0/8 192.168.0.64/26
to 127.0.0.0/8 192.168.0.124/32
and I get the following error:
The "localnet" trusted network rule may be fine for most installations, but, for my case, there are untrusted boxes on the local network that have already exploited my box and started sending thousands of spam.
Message: Error! Value for MTA Trusted Networks must contain local subnets: 192.168.0.64/26.
Additional information about MTA Trusted Networks configuration can be found at Zi - Zimbra :: Wiki
The only way that I found to stop this is to simply block those IP addresses in the iptables firewall.
That may be stop exploitations BUT: now I can't get legitimate email from those untrusted ip addresses.
IS THERE A WAY AROUND THIS????