Results 1 to 2 of 2

Thread: Querying zimbra LDAP hidden accounts

  1. #1
    inigoml's Avatar
    inigoml is offline Project Contributor
    Join Date
    Aug 2006
    Location
    Madrid, Spain
    Posts
    124
    Rep Power
    8

    Default Querying zimbra LDAP hidden accounts

    We are implementing an SMTP tarpit spam system in front of Zimbra in order to lower spam rate with postfix.
    For our system, we query zimbra via LDAP in order to detect it an email is or not valid, enabling postfix tarpit if the error number in reception emails is high. So, our architecture is postfix -------> zimbra (postfix also)

    The system is working without problem, and front postfix queries zimbra LDAP without problem. Our base query es "mail=%s"

    However, if an email address is marked as hidden in Zimbra GAL, we cannot query it via LDAP althought address is in fact there and it is valid, so our postfix should forward email to zimbra but it doesn't due to does not appear in LDAP query.

    So the question is, how can we query a valid email address vía LDAP if this is marked as hidden in GAL from Zimbra.

    Thanks in advance.

  2. #2
    inigoml's Avatar
    inigoml is offline Project Contributor
    Join Date
    Aug 2006
    Location
    Madrid, Spain
    Posts
    124
    Rep Power
    8

    Default SOLVED [postfix tarpitting, Zimbra LDAP]

    Sometimes it's better stop and think....
    The problem was due to the attribute type we are requesting.

    Since we where expecting a "mail" attribute and hidden lists, for example, don't have mail attribute, there were no response for them.
    Postfix only wait to receive SOMETHING when querying LDAP, so all we had to do is find something that all accounts have in common, for example, objectclass.

    So, we configured postfix for theses parameters:
    query_filter= (|(zimbraMailDeliveryAddress=%s)(zimbraMailAddress =%s)(zimbraMailAlias=%s)(mail=%s))
    result_attribute = objectClass

    Now our postfix checks against zimbra LDAP in order to verify that an email is valid. If it's valid, there is no delay (tarpit). If there are invalid addresses in SMTP envelope, (that is, lots of "MAIL TO: invalid@foo.com" then it starts to slow reponses.

    Now we have to "feed" spammers with lot of invalid addresses for my company. We will put them hidden in our corporate site so when some spammer send something, there will be some valid email addresses and hundred or thousand invalid ones and tarpitting will start slowing connection.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 21
    Last Post: 02-04-2010, 10:06 AM
  2. Zimbra spam system
    By rajahd in forum Administrators
    Replies: 9
    Last Post: 04-16-2008, 07:25 PM
  3. Replies: 8
    Last Post: 02-27-2007, 04:10 AM
  4. svn version still won't start
    By kinaole in forum Developers
    Replies: 0
    Last Post: 10-04-2006, 06:47 AM
  5. Zimbra server crashed
    By goetzi in forum Administrators
    Replies: 6
    Last Post: 03-25-2006, 01:00 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •