Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: how to protect email from @domain.com to @domain.com from internet

  1. #1
    stiawan is offline New Member
    Join Date
    Feb 2009
    Location
    Jakarta - Indonesia
    Posts
    4
    Rep Power
    6

    Angry how to protect email from @domain.com to @domain.com from internet

    I have installing zimbra server with Public Internet IP.
    One big problem is, I found one email come from internet,
    destination to local domain recv@domain.com with sender
    email recv@domain.com.

    How do I protect this things not happen again ?

  2. #2
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,016
    Rep Power
    24

    Default

    Welcome to the forums

    They are just spoofing the header. If you can post the headers of that email we can see how to help you improve the SPAM checking.

  3. #3
    adeelarifbhatti is offline Advanced Member
    Join Date
    Feb 2009
    Posts
    188
    Rep Power
    6

    Thumbs up

    Hi,
    its simple!!

    Enable the SMTP authentication on port 465, and protect the port 25 from receiving the mail from localdomain.com

    Regards
    Adeel

  4. #4
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Quote Originally Posted by adeelarifbhatti View Post
    Hi,
    its simple!!

    Enable the SMTP authentication on port 465, and protect the port 25 from receiving the mail from localdomain.com
    I believe this is a question about stopping spam not blocking the inbound messages. BTW, the correct Submissions port is 587 not 465 (details in the forums on how to enable that).
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  5. #5
    adeelarifbhatti is offline Advanced Member
    Join Date
    Feb 2009
    Posts
    188
    Rep Power
    6

    Lightbulb

    on 25 port when mail will be coming from the localdomain.com, it will be rejected, or can be blocked as being consider as SPAM, now all the spammer who are pretending to be from localdomain.com will deliver mail on 25 and that will be rejected or will be send to spam.someting@localdomain.com.
    When users will deliver email on port 465 SMTP (SSL port), it will ask users to authenticate before delivering email, and as this mail is coming on port 465 with authentication, so will get kicked in to recepient mailbox.


    Issue resolved.
    Regards
    Adeel

  6. #6
    ewilen's Avatar
    ewilen is offline Moderator
    Join Date
    Jun 2008
    Location
    Berkeley, CA
    Posts
    1,474
    Rep Power
    8

    Default

    I believe he's saying that port 25 should be blocked only from receiving mail addressed from a local domain. How to do this, I don't know.

    Speaking of port 465 vs. 587, does anyone know why Zimbra persists in using 465 as the default?

  7. #7
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Quote Originally Posted by ewilen View Post
    Speaking of port 465 vs. 587, does anyone know why Zimbra persists in using 465 as the default?
    That's changed in version 6.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  8. #8
    adeelarifbhatti is offline Advanced Member
    Join Date
    Feb 2009
    Posts
    188
    Rep Power
    6

    Thumbs up

    making 465 works by uncommenting or adding following lines in master.cf.in file

    465 inet n - n - - smtpd
    -o smtpd_tls_wrappermode=yes -o smtpd_sasl_auth_enable=yes
    -o smtpd_client_restrictions=permit_sasl_authenticate d,reject

    As far as blocking mails from localdomain.com on port 25, you can add localdomain.com is to the blacklist of spamassassin, or you can use the postfix to reject mails coming on port 25 from localdomain.com. It can be done by using the access file.

    Regards
    Adeel

  9. #9
    stiawan is offline New Member
    Join Date
    Feb 2009
    Location
    Jakarta - Indonesia
    Posts
    4
    Rep Power
    6

    Default

    Thank for all suggestions.

    This is the examples telnet to mailserver directly from internet.
    220 ***********************************
    HELO mail.my-domain.com
    250 mx1-zimbra.my-domain.com
    MAIL FROM: zidane@my-domain.com
    250 2.1.0 Ok
    RCPT TO: toni.stiawan@my-domain.com
    250 2.1.5 Ok
    DATA
    354 Please start mail input.
    FROM: zidane@my-domain.com
    TO: toni.stiawan@my-domain.com
    SUBJECT: test direct telnet 0946AM GMT+7
    abcdef
    ignore please
    .
    250 Mail queued for delivery.


    Return-Path: zidane@my-domain.com
    Received: from blade01.my-domain.com (LHLO mx1-zimbra.my-domain.com)
    (172.16.241.25) by mx1-zimbra.my-domain.com with LMTP; Mon, 10 Aug 2009
    09:46:35 +0700 (GMT+07:00)
    Received: from mail.my-domain.com (unknown [222.124.198.186])
    by mx1-zimbra.my-domain.com (Postfix) with SMTP id 32E58382743
    for <toni.stiawan@my-domain.com>; Mon, 10 Aug 2009 09:46:33 +0700 (WIT)
    FROM: zidane@my-domain.com
    TO: toni.stiawan@my-domain.com
    SUBJECT: test direct telnet 0946AM GMT+7
    Message-Id: <20090810024634.32E58382743@mx1-zimbra.my-domain.com>
    Date: Mon, 10 Aug 2009 09:46:33 +0700 (WIT)

    abcdef
    ignore please
    -----------------------

    I donot know how to configure zimbra to protect spam/sender with the sampe domain.

    I think SPF/Domainkey can be help to block email spam with the same domain, but i cannot find any manual to configure zimbra with SPF.

    any suggest ?

  10. #10
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    What you're seeing is known as backscatter or NDR spam, search the forums for the word 'backscatter' for some advice on reducing it.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [SOLVED] mailboxmanager does not start
    By jrefl5 in forum Administrators
    Replies: 18
    Last Post: 01-30-2012, 11:40 PM
  2. [SOLVED] Moving Zimbra to a new server
    By krolen in forum Administrators
    Replies: 109
    Last Post: 02-05-2009, 11:38 AM
  3. need advice on configuring zimbra to work with fax server
    By pheonix1t in forum Administrators
    Replies: 0
    Last Post: 07-11-2007, 07:46 PM
  4. upgrade to 4.0.3 antispam does'nt work
    By lucanannipieri in forum Administrators
    Replies: 14
    Last Post: 11-07-2006, 03:56 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •