[SOLVED] How to restrict senders at the "mail from" command?

[Thiago Camargo Martins]

Hi!

Zimbra is great, but it have serious and annoying problems...

For example: I have one Zimbra server for the domain "mycompany.com", but any user of my system can send a e-mail as user@gmail.com or billgates@msn.com through MY ZIMBRA MTA! This is so bad... SO BAD! It is terrible, any good mail server does not allow such things happen... never!

So, how do I restrict the "mail from" command to allow outgoing mails ONLY FROM the domains configured at MY ZIMBRA?!

I'm looking for smtpd_sender_restrictions option at the file zmmta.cf, I'm trying everything to block this behavior, without success...

Thanks,
Thiago

[phoenix]

Go to the Admin UI/COS the disable the "Allow sending email from any address" feature, someone must have changed that option as it's not enabled by default.

[Thiago Camargo Martins]

Already tried this option, have no effect... But, I'll take a look again!

Thanks!

[Thiago Camargo Martins]

Enabling or disabling the option "Allow sending email from any address" have no effect either.

Look a mail that I received in GMail as gmail, but from my own server:


Delivered-To: thiagocmartinsc@gmail.com
Received: by 10.210.35.2 with SMTP id i2cs174303ebi;
Fri, 17 Jul 2009 22:54:59 -0700 (PDT)
Received: by 10.100.8.4 with SMTP id 4mr2610324anh.146.1247896496750;
Fri, 17 Jul 2009 22:54:56 -0700 (PDT)
Return-Path: <thiagocmartinsc@gmail.com>
Received: from vsrv67.worldweb.com.br (vsrv67.worldweb.com.br [200.219.215.142])
by mx.google.com with ESMTP id 4si5119630yxe.79.2009.07.17.22.54.56;
Fri, 17 Jul 2009 22:54:56 -0700 (PDT)
Received-SPF: neutral (google.com: 200.219.215.142 is neither permitted nor denied by domain of thiagocmartinsc@gmail.com) client-ip=200.219.215.142;
Authentication-Results: mx.google.com; spf=neutral (google.com: 200.219.215.142 is neither permitted nor denied by domain of thiagocmartinsc@gmail.com) smtp.mail=thiagocmartinsc@gmail.com
Received: from localhost (localhost [127.0.0.1])
by vsrv67.worldweb.com.br (Postfix) with ESMTP id 75F2399F94
for <thiagocmartinsc@gmail.com>; Sat, 18 Jul 2009 03:07:12 -0300 (BRT)
X-Virus-Scanned: amavisd-new at vsrv67.worldweb.com.br
Received: from vsrv67.worldweb.com.br ([127.0.0.1])
by localhost (vsrv67.worldweb.com.br [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id 9E0srpS9Nj7d for <thiagocmartinsc@gmail.com>;
Sat, 18 Jul 2009 03:07:07 -0300 (BRT)
Received: from 187-26-18-134.3g.claro.net.br (187-26-18-134.3g.claro.net.br [187.26.18.134])
by vsrv67.worldweb.com.br (Postfix) with ESMTP id 83BE489917
for <thiagocmartinsc@gmail.com>; Sat, 18 Jul 2009 03:07:05 -0300 (BRT)
Message-ID: <4A6163A3.1030209@gmail.com>
Date: Sat, 18 Jul 2009 02:54:43 -0300
From: Thiago <thiagocmartinsc@gmail.com>
User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605)
MIME-Version: 1.0
To: thiagocmartinsc@gmail.com
Subject: TESTE
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit


My infos:
root@vsrv67:~# dpkg -l | grep zimbra
ii zimbra-apache 5.0.16_GA_2921.UBUNTU6 Best email money can buy
ii zimbra-archiving 5.0.16_GA_2921.UBUNTU6 Best email money can buy
ii zimbra-convertd 5.0.16_GA_2921.UBUNTU6 Best email money can buy
ii zimbra-core 5.0.16_GA_2921.UBUNTU6 ZCS Network Edition
ii zimbra-ldap 5.0.16_GA_2921.UBUNTU6 Best email money can buy
ii zimbra-logger 5.0.16_GA_2921.UBUNTU6 Best email money can buy
ii zimbra-mta 5.0.16_GA_2921.UBUNTU6 Best email money can buy
ii zimbra-proxy 5.0.16_GA_2921.UBUNTU6 Best email money can buy
ii zimbra-snmp 5.0.16_GA_2921.UBUNTU6 Best email money can buy
ii zimbra-spell 5.0.16_GA_2921.UBUNTU6 Best email money can buy
ii zimbra-store 5.0.16_GA_2921.UBUNTU6 Best email money can buy

root@vsrv67:~# file /bin/bash
/bin/bash: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.2.0, dynamically linked (uses shared libs), for GNU/Linux 2.2.0, stripped

root@vsrv67:~# lsb_release -r
Release: 6.06

I don't know how to avoid this behavior, in any one of my Zimbras, I have a lot of Zimbra servers in my network, most of then are the open source edition.

Thanks!
Thiago

[uxbod]

How are people getting to your command line on the ZCS server to send a email anyway

[Thiago Camargo Martins]

Quote:

Originally Posted by uxbod

How are people getting to your command line on the ZCS server to send a email anyway

Sorry, did not understand either.

[Thiago Camargo Martins]

Again... How do I restrict the "mail from" command to allow outgoing mails ONLY FROM the domains configured at my Zimbra?!

The option "Allow sending email from any address" does not have any effect!!

My authenticated bad users are still using my Zimbra to send mail as @gmail.com, @hotmail.com, @sapo.pt....

Cheers!
Thiago

[Thiago Camargo Martins]

Quote:

Originally Posted by asdfasdf

asdfasdfasdfasdf

Sorry but... what hell is that?!

[Thiago Camargo Martins]

This forum is "very" useful... tsc...tsc...

[Thiago Camargo Martins]

I have one Zimbra server for the domain "company.com.br", but any user of my system can send a e-mail as, for example, "user@gmail.com" or even "billgates@microsoft.com" through my Zimbra MTA!!!

So, how do I restrict the "mail from: <>" command at the smtp time, to allow outgoing mails ONLY FROM the domains configured at my Zimbra Admin Panel?!

Example:
administrativo@vsrv67:~$ telnet vsrv69.company.com.br 25
Trying 200.Z.Y.X...
Connected to vsrv69.company.com.br.
Escape character is '^]'.
220 vsrv69.company.com.br ESMTP Postfix
helo company.com.br
250 vsrv69.company.com.br
mail from: thiagocmartinsc@gmail.com
250 2.1.0 Ok

WRONG!!! This is NOT OKAY!

Only the domain "company.com.br" is ok here!
How to block this Zimbra behavior?

Please, I need to solve this today!!!
I guess the option "Allow sending email from any address" isn't working!

Thanks
Thiago