Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: [SOLVED] How to restrict senders at the "mail from" command?

  1. #1
    Thiago Camargo Martins is offline Active Member
    Join Date
    Mar 2008
    Location
    São Paulo - Brasil
    Posts
    26
    Rep Power
    7

    Angry [SOLVED] How to restrict senders at the "mail from" command?

    Hi!

    Zimbra is great, but it have serious and annoying problems...

    For example: I have one Zimbra server for the domain "mycompany.com", but any user of my system can send a e-mail as user@gmail.com or billgates@msn.com through MY ZIMBRA MTA! This is so bad... SO BAD! It is terrible, any good mail server does not allow such things happen... never!

    So, how do I restrict the "mail from" command to allow outgoing mails ONLY FROM the domains configured at MY ZIMBRA?!

    I'm looking for smtpd_sender_restrictions option at the file zmmta.cf, I'm trying everything to block this behavior, without success...

    Thanks,
    Thiago

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Go to the Admin UI/COS the disable the "Allow sending email from any address" feature, someone must have changed that option as it's not enabled by default.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    Thiago Camargo Martins is offline Active Member
    Join Date
    Mar 2008
    Location
    São Paulo - Brasil
    Posts
    26
    Rep Power
    7

    Default

    Already tried this option, have no effect... But, I'll take a look again!

    Thanks!

  4. #4
    Thiago Camargo Martins is offline Active Member
    Join Date
    Mar 2008
    Location
    São Paulo - Brasil
    Posts
    26
    Rep Power
    7

    Default

    Enabling or disabling the option "Allow sending email from any address" have no effect either.

    Look a mail that I received in GMail as gmail, but from my own server:


    Delivered-To: thiagocmartinsc@gmail.com
    Received: by 10.210.35.2 with SMTP id i2cs174303ebi;
    Fri, 17 Jul 2009 22:54:59 -0700 (PDT)
    Received: by 10.100.8.4 with SMTP id 4mr2610324anh.146.1247896496750;
    Fri, 17 Jul 2009 22:54:56 -0700 (PDT)
    Return-Path: <thiagocmartinsc@gmail.com>
    Received: from vsrv67.worldweb.com.br (vsrv67.worldweb.com.br [200.219.215.142])
    by mx.google.com with ESMTP id 4si5119630yxe.79.2009.07.17.22.54.56;
    Fri, 17 Jul 2009 22:54:56 -0700 (PDT)
    Received-SPF: neutral (google.com: 200.219.215.142 is neither permitted nor denied by domain of thiagocmartinsc@gmail.com) client-ip=200.219.215.142;
    Authentication-Results: mx.google.com; spf=neutral (google.com: 200.219.215.142 is neither permitted nor denied by domain of thiagocmartinsc@gmail.com) smtp.mail=thiagocmartinsc@gmail.com
    Received: from localhost (localhost [127.0.0.1])
    by vsrv67.worldweb.com.br (Postfix) with ESMTP id 75F2399F94
    for <thiagocmartinsc@gmail.com>; Sat, 18 Jul 2009 03:07:12 -0300 (BRT)
    X-Virus-Scanned: amavisd-new at vsrv67.worldweb.com.br
    Received: from vsrv67.worldweb.com.br ([127.0.0.1])
    by localhost (vsrv67.worldweb.com.br [127.0.0.1]) (amavisd-new, port 10024)
    with ESMTP id 9E0srpS9Nj7d for <thiagocmartinsc@gmail.com>;
    Sat, 18 Jul 2009 03:07:07 -0300 (BRT)
    Received: from 187-26-18-134.3g.claro.net.br (187-26-18-134.3g.claro.net.br [187.26.18.134])
    by vsrv67.worldweb.com.br (Postfix) with ESMTP id 83BE489917
    for <thiagocmartinsc@gmail.com>; Sat, 18 Jul 2009 03:07:05 -0300 (BRT)
    Message-ID: <4A6163A3.1030209@gmail.com>
    Date: Sat, 18 Jul 2009 02:54:43 -0300
    From: Thiago <thiagocmartinsc@gmail.com>
    User-Agent: Thunderbird 2.0.0.22 (Macintosh/20090605)
    MIME-Version: 1.0
    To: thiagocmartinsc@gmail.com
    Subject: TESTE
    Content-Type: text/plain; charset=ISO-8859-1; format=flowed
    Content-Transfer-Encoding: 7bit


    My infos:
    root@vsrv67:~# dpkg -l | grep zimbra
    ii zimbra-apache 5.0.16_GA_2921.UBUNTU6 Best email money can buy
    ii zimbra-archiving 5.0.16_GA_2921.UBUNTU6 Best email money can buy
    ii zimbra-convertd 5.0.16_GA_2921.UBUNTU6 Best email money can buy
    ii zimbra-core 5.0.16_GA_2921.UBUNTU6 ZCS Network Edition
    ii zimbra-ldap 5.0.16_GA_2921.UBUNTU6 Best email money can buy
    ii zimbra-logger 5.0.16_GA_2921.UBUNTU6 Best email money can buy
    ii zimbra-mta 5.0.16_GA_2921.UBUNTU6 Best email money can buy
    ii zimbra-proxy 5.0.16_GA_2921.UBUNTU6 Best email money can buy
    ii zimbra-snmp 5.0.16_GA_2921.UBUNTU6 Best email money can buy
    ii zimbra-spell 5.0.16_GA_2921.UBUNTU6 Best email money can buy
    ii zimbra-store 5.0.16_GA_2921.UBUNTU6 Best email money can buy

    root@vsrv67:~# file /bin/bash
    /bin/bash: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), for GNU/Linux 2.2.0, dynamically linked (uses shared libs), for GNU/Linux 2.2.0, stripped

    root@vsrv67:~# lsb_release -r
    Release: 6.06

    I don't know how to avoid this behavior, in any one of my Zimbras, I have a lot of Zimbra servers in my network, most of then are the open source edition.

    Thanks!
    Thiago

  5. #5
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,016
    Rep Power
    24

    Default

    How are people getting to your command line on the ZCS server to send a email anyway

  6. #6
    Thiago Camargo Martins is offline Active Member
    Join Date
    Mar 2008
    Location
    São Paulo - Brasil
    Posts
    26
    Rep Power
    7

    Default

    Quote Originally Posted by uxbod View Post
    How are people getting to your command line on the ZCS server to send a email anyway
    Sorry, did not understand either.

  7. #7
    Thiago Camargo Martins is offline Active Member
    Join Date
    Mar 2008
    Location
    São Paulo - Brasil
    Posts
    26
    Rep Power
    7

    Default

    Again... How do I restrict the "mail from" command to allow outgoing mails ONLY FROM the domains configured at my Zimbra?!

    The option "Allow sending email from any address" does not have any effect!!

    My authenticated bad users are still using my Zimbra to send mail as @gmail.com, @hotmail.com, @sapo.pt....

    Cheers!
    Thiago

  8. #8
    Thiago Camargo Martins is offline Active Member
    Join Date
    Mar 2008
    Location
    São Paulo - Brasil
    Posts
    26
    Rep Power
    7

    Default

    Quote Originally Posted by asdfasdf View Post
    asdfasdfasdfasdf
    Sorry but... what hell is that?!

  9. #9
    Thiago Camargo Martins is offline Active Member
    Join Date
    Mar 2008
    Location
    São Paulo - Brasil
    Posts
    26
    Rep Power
    7

    Default

    This forum is "very" useful... tsc...tsc...

  10. #10
    Thiago Camargo Martins is offline Active Member
    Join Date
    Mar 2008
    Location
    São Paulo - Brasil
    Posts
    26
    Rep Power
    7

    Default Option "Allow sending email from any address" not working!

    I have one Zimbra server for the domain "company.com.br", but any user of my system can send a e-mail as, for example, "user@gmail.com" or even "billgates@microsoft.com" through my Zimbra MTA!!!

    So, how do I restrict the "mail from: <>" command at the smtp time, to allow outgoing mails ONLY FROM the domains configured at my Zimbra Admin Panel?!

    Example:
    administrativo@vsrv67:~$ telnet vsrv69.company.com.br 25
    Trying 200.Z.Y.X...
    Connected to vsrv69.company.com.br.
    Escape character is '^]'.
    220 vsrv69.company.com.br ESMTP Postfix
    helo company.com.br
    250 vsrv69.company.com.br
    mail from: thiagocmartinsc@gmail.com
    250 2.1.0 Ok

    WRONG!!! This is NOT OKAY!

    Only the domain "company.com.br" is ok here!
    How to block this Zimbra behavior?

    Please, I need to solve this today!!!
    I guess the option "Allow sending email from any address" isn't working!

    Thanks
    Thiago

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [SOLVED] upgrading to latest 4.5 release
    By ak2009 in forum Installation
    Replies: 6
    Last Post: 01-17-2009, 09:08 AM
  2. build of nginx fails
    By syhliu in forum Developers
    Replies: 11
    Last Post: 11-24-2008, 05:41 PM
  3. Zimbra OSS 4.5.11 Re-install
    By newmember in forum Installation
    Replies: 0
    Last Post: 09-09-2008, 10:26 PM
  4. Upgrade from 5.0.2 to 5.0.6
    By fconil in forum Installation
    Replies: 2
    Last Post: 06-10-2008, 04:49 PM
  5. i made a mess 4.5.6 -> 4.5.10 to a future 5.0 FOSS
    By innercy in forum Installation
    Replies: 7
    Last Post: 01-09-2008, 07:05 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •