Page 2 of 3 FirstFirst 123 LastLast
Results 11 to 20 of 21

Thread: Spam problem on a new installation

  1. #11
    SamTzu's Avatar
    SamTzu is offline Loyal Member
    Join Date
    Jan 2006
    Location
    Finland
    Posts
    83
    Rep Power
    9

    Default

    It appears to be an open relay.
    I don't understand. There are no modifications on the server.
    It's a VMWare virtual Ubuntu 8.04 LTS.
    I did had Logwatch (that installed postfix) on it but I removed it.

    Relay test 1
    >>> RSET
    <<< 250 2.0.0 Ok
    >>> MAIL FROM:<spamtest@abuse.net>
    <<< 250 2.1.0 Ok
    >>> RCPT TO:<securitytest@abuse.net>
    <<< 250 2.1.5 Ok
    Relay test result
    Hmmn, at first glance, host appeared to accept a message for relay.

    THIS MAY OR MAY NOT MEAN THAT IT'S AN OPEN RELAY
    SamTzu
    -----------------------------------------------
    "I keep hitting the esc key, why am I still here?"

  2. #12
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Code:
    su - zimbra
    zmprov gs `zmhostname` zimbraMtaMyNetworks

  3. #13
    SamTzu's Avatar
    SamTzu is offline Loyal Member
    Join Date
    Jan 2006
    Location
    Finland
    Posts
    83
    Rep Power
    9

    Default

    Still looks good

    zimbra@zimbra-list1:/var/log$ zmprov gs `zmhostname` zimbraMtaMyNetworks
    # name zimbra-list1.my-domain.com
    zimbraMtaMyNetworks: 127.0.0.0/8 10.10.11.0/24
    SamTzu
    -----------------------------------------------
    "I keep hitting the esc key, why am I still here?"

  4. #14
    SamTzu's Avatar
    SamTzu is offline Loyal Member
    Join Date
    Jan 2006
    Location
    Finland
    Posts
    83
    Rep Power
    9

    Default

    Here is Zimbra Postifix main.cf

    sender_canonical_maps = proxy:ldap:/opt/zimbra/conf/ldap-scm.cf
    virtual_alias_domains = proxy:ldap:/opt/zimbra/conf/ldap-vad.cf
    lmtp_connection_cache_time_limit = 4s
    recipient_delimiter =
    smtpd_tls_cert_file = /opt/zimbra/conf/smtpd.crt
    smtpd_tls_auth_only = yes
    myhostname = zimbra-list1.my-domain.com
    virtual_mailbox_domains = proxy:ldap:/opt/zimbra/conf/ldap-vmd.cf
    mydestination = localhost
    mailbox_size_limit = 0
    setgid_group = postdrop
    smtpd_client_restrictions = reject_unauth_pipelining
    queue_run_delay = 300s
    minimal_backoff_time = 300s
    virtual_alias_maps = proxy:ldap:/opt/zimbra/conf/ldap-vam.cf
    transport_maps = proxy:ldap:/opt/zimbra/conf/ldap-transport.cf
    message_size_limit = 10240000
    sendmail_path = /opt/zimbra/postfix/sbin/sendmail
    broken_sasl_auth_clients = yes
    lmtp_connection_cache_destinations =
    alias_maps = hash:/etc/aliases
    manpage_directory = /opt/zimbra/postfix/man
    policy_time_limit = 3600
    smtpd_helo_required = yes
    in_flow_delay = 1s
    daemon_directory = /opt/zimbra/postfix/libexec
    maximal_backoff_time = 4000s
    virtual_transport = error
    mynetworks = 127.0.0.0/8 10.10.11.0/24
    smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_sender, permit
    lmtp_host_lookup = dns
    smtpd_tls_loglevel = 1
    relayhost =
    disable_dns_lookups = no
    mail_owner = postfix
    virtual_mailbox_maps = proxy:ldap:/opt/zimbra/conf/ldap-vmm.cf
    content_filter = smtp-amavis:[127.0.0.1]:10024
    version = 2.4.7.5z
    mailq_path = /opt/zimbra/postfix/sbin/mailq
    header_checks = pcre:/opt/zimbra/conf/postfix_header_checks
    smtpd_use_tls = yes
    queue_directory = /opt/zimbra/data/postfix/spool
    newaliases_path = /opt/zimbra/postfix/sbin/newaliases
    smtpd_reject_unlisted_recipient = no
    smtpd_data_restrictions = reject_unauth_pipelining
    local_header_rewrite_clients = permit_mynetworks,permit_sasl_authenticated
    command_directory = /opt/zimbra/postfix/sbin
    smtpd_tls_key_file = /opt/zimbra/conf/smtpd.key
    smtpd_sasl_auth_enable = yes
    SamTzu
    -----------------------------------------------
    "I keep hitting the esc key, why am I still here?"

  5. #15
    SamTzu's Avatar
    SamTzu is offline Loyal Member
    Join Date
    Jan 2006
    Location
    Finland
    Posts
    83
    Rep Power
    9

    Default

    Could it be that the firewall's internal NIC is 10.10.11.1 so it fall's in the 10.10.11.0/24 network?
    SamTzu
    -----------------------------------------------
    "I keep hitting the esc key, why am I still here?"

  6. #16
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Are you users using the web client or fat client ? If web client then you do not need to specify a internal network and just leave with the loopback network.

  7. #17
    SamTzu's Avatar
    SamTzu is offline Loyal Member
    Join Date
    Jan 2006
    Location
    Finland
    Posts
    83
    Rep Power
    9

    Exclamation 'Trusted network' + FireWall = SPAM

    I made this server to test Joomla CMS based mailing list components like Acajoom. It has it's own SMTP mail server settings that it connects to.

    I find it kind of strange that Zimbra's default settings allow this kind of behavior.

    How many Zimbra servers are setup in Local Area Network that still have the default trusted network settings?

    I strongly suggest that the default 'Trusted network' will be set to /32 network not /24 as was the automatic default here.

    This will prevent the 'Automatic SPAM' settings we saw here if the server is behind a firewall. (As quite often is the case.)
    Last edited by SamTzu; 07-17-2009 at 07:03 AM.
    SamTzu
    -----------------------------------------------
    "I keep hitting the esc key, why am I still here?"

  8. #18
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,469
    Rep Power
    56

    Default

    It's called a 'Trusted Network' for a reason, you're supposed to be able to trust the machines in your LAN. Changing it to 32 will just raise another problem of people not knowing why their LAN PCs can't email through the mail server - and, no, most people don't read the documentation or the wiki or search the forums. If you think the behaviour should change then file an entry in bugzilla.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  9. #19
    SamTzu's Avatar
    SamTzu is offline Loyal Member
    Join Date
    Jan 2006
    Location
    Finland
    Posts
    83
    Rep Power
    9

    Default

    True. I'm lazy too
    The default settings should be something like /24 - .1 & .254
    Or even better, Zimbra should ask what the firewall address is.
    SamTzu
    -----------------------------------------------
    "I keep hitting the esc key, why am I still here?"

  10. #20
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    It also depends on how you configure your firewall; mine is on a internal IP but I also have a router in-front of it on a public IP which then performs NAT to the firewall. No issues here with those trusted network settings

Page 2 of 3 FirstFirst 123 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [SOLVED] Close to despair: LDAP installation problem!?
    By Xeronimo1974 in forum Installation
    Replies: 4
    Last Post: 07-17-2009, 09:10 AM
  2. Replies: 7
    Last Post: 01-21-2009, 12:48 AM
  3. [SOLVED] Problem with ldap on installation zimbra
    By yuranchik in forum Installation
    Replies: 1
    Last Post: 12-12-2007, 02:51 AM
  4. Debian installation of 4.5.10 with logger problem
    By firefox32 in forum Installation
    Replies: 3
    Last Post: 11-30-2007, 06:28 AM
  5. Replies: 16
    Last Post: 09-07-2006, 06:39 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •