Results 1 to 4 of 4

Thread: Zimbra sending mails without authentication via JavaMail

  1. #1
    curium is offline Junior Member
    Join Date
    Mar 2009
    Posts
    9
    Rep Power
    6

    Default Zimbra sending mails without authentication via JavaMail

    Hi,

    I am trying to use Zimbra (or postfix for that matter) to send mails using JavaMail.

    The problem is that Zimbra is sending mails from non-existant users / domains and not using authentication. Ex: Zimbra sends off mails from admin123@mydomain.com even if this account doesnt exist. Also, mails can be sent from admin@mydomain123.com where the domain doesnt exist!!!

    Below are the relevant settings (according to me ) from my /postfix/conf/main.cf file:

    smtpd_recipient_restrictions = reject_unlisted_recipient, reject_non_fqdn_sender, reject_unlisted_recipient, permit_mynetworks, permit_sasl_authenticated, reject_unauth_destination, reject_invalid_hostname, reject_unknown_sender_domain, reject_unknown_recipient_domain, reject_invalid_hostname, reject_non_fqdn_sender, reject
    broken_sasl_auth_clients = yes
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_security_options = noanonymous
    smtpd_sasl_local_domain = $myhostname
    smtpd_client_restrictions = reject_unauth_pipelining


    The below is my /zimbra/conf/postfix_recipient_restrictions.cf file:

    reject_unlisted_recipient
    reject_non_fqdn_sender
    reject_unlisted_recipient
    permit_mynetworks
    permit_sasl_authenticated
    reject_unauth_destination
    reject_invalid_hostname
    reject_unknown_sender_domain
    reject_unknown_recipient_domain
    %%contains VAR:zimbraMtaRestriction reject_invalid_hostname%%
    %%contains VAR:zimbraMtaRestriction reject_non_fqdn_hostname%%
    %%contains VAR:zimbraMtaRestriction reject_non_fqdn_sender%%
    %%contains VAR:zimbraMtaRestriction reject_unknown_client%%
    %%contains VAR:zimbraMtaRestriction reject_unknown_hostname%%
    %%contains VAR:zimbraMtaRestriction reject_unknown_sender_domain%%
    %%contains VAR:zimbraMtaRestriction reject_rbl_client dnsbl.njabl.org%%
    %%contains VAR:zimbraMtaRestriction reject_rbl_client cbl.abuseat.org%%
    %%contains VAR:zimbraMtaRestriction reject_rbl_client bl.spamcop.net%%
    %%contains VAR:zimbraMtaRestriction reject_rbl_client dnsbl.sorbs.net%%
    %%contains VAR:zimbraMtaRestriction reject_rbl_client sbl.spamhaus.org%%
    %%contains VAR:zimbraMtaRestriction reject_rbl_client xbl.spamhaus.org%%
    %%contains VAR:zimbraMtaRestriction reject_rbl_client sbl-xbl.spamhaus.org%%
    %%contains VAR:zimbraMtaRestriction reject_rbl_client relays.mail-abuse.org%%
    reject


    Plz note that some of these settings might be unneccessary as I have just been trying things out

    Any help will be welcomed as I have been at it the whole day but havent been able to find any solutions!

    Regards,
    Sumit
    Last edited by curium; 04-07-2009 at 05:05 AM.

  2. #2
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    If you are running JavaMail from the ZCS server then the option permit_mynetworks in Postfix will allow it through and perform no other checks.

  3. #3
    curium is offline Junior Member
    Join Date
    Mar 2009
    Posts
    9
    Rep Power
    6

    Default

    Hi uxbod,

    Thanks a lot for the super quick response!! Yes it finally worked.. Thanks a lot.

    But just curious, within zimbra which config file is given precedence: '/postfix/conf/main.cf' or '/zimbra/conf/postfix_recipient_restrictions.cf'? Or am I asking the wrong question?? Basically want to ensure that I am not authenticating mails twice!!!

    Regards,
    Sumit

  4. #4
    curium is offline Junior Member
    Join Date
    Mar 2009
    Posts
    9
    Rep Power
    6

    Default

    Hi uxbod,

    Just tested using a valid email account and even thats not able to send mails now!! What am I doing wrong? I just removed 'permit_mynetworks' from the above mentioned files.

    The logs say that the recipient address is invalid and so , 554 <recipient@domain.com>: Relay access denied.

    Regards,
    Sumit

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 8
    Last Post: 01-20-2009, 01:06 PM
  2. slapd message error
    By smoke in forum Administrators
    Replies: 7
    Last Post: 04-27-2008, 03:23 PM
  3. Replies: 12
    Last Post: 02-25-2008, 07:28 PM
  4. svn version still won't start
    By kinaole in forum Developers
    Replies: 0
    Last Post: 10-04-2006, 06:47 AM
  5. Zimbra server crashed
    By goetzi in forum Administrators
    Replies: 6
    Last Post: 03-25-2006, 01:00 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •