Zimbra

harish_s7 · #1 (**permalink**) 05-28-2009, 07:30 AM

Hi

We are using Zimbra open soure 4.0.4 server with RBL 's like CBL and spahouse, it was working fine all these days , recently SSL certificates got expired , then the zimbra mail server started rejecting each and every external mails from yaho , google .... ( not from internal local users mails) because of RBL sites like cbl and spamhouse , though all those domains or IPs were not present in RBL sites , then I removed all RBL MTA restriction and recreated the SSL certificates , Now we are able to receive all mails ,

But If I update RBL restrictions in postfix/main.cf or through zmprov command it will start rejecting all external mails even if the mail IDs , domains ,and IP's are valid and clean .

Please let me know how to fix this.
thanks in advance .

Harish

uxbod · #2 (**permalink**) 05-29-2009, 01:18 AM

Welcome to the forums

Would you post a extract from /var/log/zimbra.log so we can see what Postfix and Amavis is doing please.

You should really plan a upgrade going by your version number

harish_s7 · #3 (**permalink**) 06-08-2009, 03:07 AM

Sorry for the late replay I was not keeping well

Hi

I get below error pasted from my zimbra.log file .

Jun 8 13:00:34 mydomain postfix/smtpd[3028]: NOQUEUE: reject: RCPT from web51510.mail.re2.yahoo.com[206.190.38.202]: 554 Service unavailable; Client host [206.190.38.202] blocked using dnsbl.njabl.org; from=<hari_future@yahoo.com> to=<harishkr@mydomain.com> proto=SMTP helo=<web51510.mail.re2.yahoo.com>
Jun 8 13:00:35 s7solutions postfix/smtpd[3028]: disconnect from web51510.mail.re2.yahoo. .com[206.190.38.202]

uxbod · #4 (**permalink**) 06-08-2009, 03:19 AM

Well that Y! server has got itself blacklist in dnsbl.njabl.org. Personally I would drop using that RBL.

harish_s7 · #5 (**permalink**) 06-08-2009, 06:52 AM

HI
Though this IP is not present in dnsbl.njabl.org, still it is rejecting
njabl.org

This behavior started after ssl certification expiry , we were unable to use zmprov command then , once we recreated ssl certificates we were able to use zmprov command but this mail rejection problem continued because of RBL’s ,IF RBL reference is there mail server is rejecting all external mails, even though physically IP’s are not present in any RBL database’s .
But zimbra log says blocked using dnsbl.njabl.org strange .

Please help me on this

Harish

veronica · #6 (**permalink**) 06-08-2009, 12:59 PM

RBL 's like dnsbl.njabl.org , i doubt are updated on regular basis. I would recommand not using many RBL's and one which is globally adopted is zen.spamhaus.org.

uxbod · #7 (**permalink**) 06-08-2009, 01:04 PM

Or add it into SA and use scoring instead.

harish_s7 · #8 (**permalink**) 06-09-2009, 02:41 AM

How can I do this plase let men know .

adding into SA

harish

uxbod · #9 (**permalink**) 06-09-2009, 02:44 AM

A number of RBLs are already checked in SA ... Go into /opt/zimbra/conf/spamassassin and check the rules. I think it is something like 20_rblchecks.cf ... You could always grep for the domain name eg. spamhaus.

Zimbra

Downloads

Product Information

Toolbox

Why Join?