Results 1 to 5 of 5

Thread: Relay from internal network

  1. #1
    thiagopramos is offline Starter Member
    Join Date
    Jul 2009
    Posts
    1
    Rep Power
    6

    Default Relay from internal network

    Hi, i´m newbee in zimbra.
    I have a relay open for internal network.
    Some workstation be infect by virus and send a mount of spams.
    I find in administration console, but all mails from my internal network have send from 127.0.0.1.
    How log can help me?

  2. #2
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Welcome to the forums

    Well they will show that IP address but there will also be other ones in the headers. It would help if you were to post the headers from one of the emails and we can decode it for you.

  3. #3
    veronica is offline Outstanding Member
    Join Date
    Jun 2008
    Posts
    594
    Rep Power
    8

    Default

    You can find client IP addres from which they are sending spams in zimbra.log. That can be usefull in finding the affected machine.

  4. #4
    SamTzu's Avatar
    SamTzu is offline Loyal Member
    Join Date
    Jan 2006
    Location
    Finland
    Posts
    83
    Rep Power
    9

    Lightbulb Trusted network and spam in Zimbra

    You should check Zimbra's trusted network setting.
    If it includes your firewall/gateways internal network address you have configured it to be an open relay. Congratulations.

    If your local area network is in LAN and your network is something like...
    192.168.0.x or 10.x.x.x then you should definitely NOT include your firewall address in the trusted network.

    For some obscure reason Zimbra's default configuration is very SPAM friendly when it comes to local area networks (LAN).

    Easiest way to fix this is simply put an /32 at the end of the LAN address in trusted network setting. This will make the Zimbra server only trust it self. (And those who log in to it with proper credentials.)
    SamTzu
    -----------------------------------------------
    "I keep hitting the esc key, why am I still here?"

  5. #5
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Quote Originally Posted by SamTzu View Post
    For some obscure reason Zimbra's default configuration is very SPAM friendly when it comes to local area networks (LAN).
    Local by nature should mean you trust your people and have a grasp of what they are doing aswell

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 17
    Last Post: 11-08-2009, 10:27 PM
  2. DMZ relay to Zimbra internal host
    By swordfish in forum Installation
    Replies: 12
    Last Post: 02-04-2009, 11:30 AM
  3. 3.0 to 4.5.3 Upgrade failed (mysql error)
    By dealt in forum Installation
    Replies: 35
    Last Post: 03-19-2007, 10:30 PM
  4. Set up a internal open relay
    By konradzuse in forum Installation
    Replies: 2
    Last Post: 05-20-2006, 06:52 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •