Inbound SMTP hostname checking

[shnook]

Does anyone know what is the exact purpose of the inbound SMTP hostname field?
Will the Zimbra machine effectively treat all mail that came from the listed hostname as internet mail and look at the previous MTA(s) for any SPAM/DNS/SPF checking?
Will the listed hostname reputation ever be affected within the Zimbra system based on SPAM coming through, Etc?
Sorry if this is an obvious question, I looked around quite a bit and could not find anything definitive in this regard.
Thanks.

[brian]

Inbound SMTP hostname applies only to the "Check DNS" button. A significant number of forum and support cases revolve around improperly configured DNS MX settings. That combined with an increased number of ISP's offering self-service ZCS domains, it provides a means for customers to easily make sure their DNS is pointed at the expected server.

[shnook]

Quote:

Originally Posted by brian

Inbound SMTP hostname applies only to the "Check DNS" button. A significant number of forum and support cases revolve around improperly configured DNS MX settings. That combined with an increased number of ISP's offering self-service ZCS domains, it provides a means for customers to easily make sure their DNS is pointed at the expected server.

Thank you for the reply.
I guess the question would be, in our current setup, MX record is pointed to and mail is arriving at a separate gateway MTA, which I have listed in inbound SMTP gateway.
If I were to enable SPF, would SPAM ratings ever be affected by the fact the MTA handing the Email off to Zimbra is obviously not listed as a recognized sender in the sender's SPF file, or will zimbra look at all "received from's" in the header to see if one of them are authorized to send Email for that particular domain.
Likewise for SPAM, being that in essence all Email that Zimbra is receiving is coming from one IP address, will it view all SPAM email coming from that address and start giving our internal MTA a 'bad name'?
and equally important, if the actual mail sender is a spammer, will they get a free pass at greylisting/blacklisting being that they are 'hiding behind' our internal MTA?
and by the way, the reason we have an internal MTA and are not pointing the MX directly at Zimbra, is because we have had problems being greylisted and blacklisted at many different Email companies and reputation vendors, simply because of NDR's that were being sent out of our old server, so we want the bouncebacks to be sent from a different IP then our legitimate mail.

[brian]

SPF is really about sender domains or outbound email, if you own the domain and have control to setup SPF records then you should be including all MTA's that send on behalf of your domain in the SPF txt record. If you set it up properly sites that check SPF records will properly accept email from your domain.

Local SPAM ratings are typically never affected by outbound smtp, because they are usually always within the scope of the trusted_networks or zimbraMtaMyNetworks.

If you are running an ISP or other hosted service and accept authenticated SMTP from customers you probably want to separate your inbound/outbound smtp queues so you have better control over SPAM scoring and trusted networks.

You second question is a bit hard to comprehend but I'll attempt to answer my interpretation of it.

Most RBLs/greylisting apps look at the connecting IP when doing reputation based SPAM checking, if you relay all outbound email through another MTA your internal MTA should not be directly affected. Although its kind of a mute point because if your external MTA gets blacklisted and you are relaying all mail though it the net result is the same, none of your legitimate mail is accepted.

If you trust the source of all internal generated SMTP traffic, you can have that delivered directly by your internal MTA and leave your external MTA to handle inbound and bounced NDR's.

[shnook]

Quote:

Originally Posted by brian

SPF is really about sender domains or outbound email, if you own the domain and have control to setup SPF records then you should be including all MTA's that send on behalf of your domain in the SPF txt record. If you set it up properly sites that check SPF records will properly accept email from your domain.

Thank you very much for the (long and thought out) reply.

I think you may have misunderstood what I was referring to with 'SPF', I was not referring to setting up SPF on our domain, as I understand how that would work.
My question was more in the line of, if I were to enable SPF checking on Zimbra (to check mail that comes in to our users), how would Zimbra (upon checking the SPF of a received Email) deal with the fact that the sending MTA (the internal gateway which receives all of our internet Email) is not as listed as a valid sender of pretty much any given Email?
The above question in other words, does SPF checking need to be enabled on the Gateway MTA, or can Zimbra somehow handle SPF?

Quote:

Originally Posted by brian

Local SPAM ratings are typically never affected by outbound smtp, because they are usually always within the scope of the trusted_networks or zimbraMtaMyNetworks.

If you are running an ISP or other hosted service and accept authenticated SMTP from customers you probably want to separate your inbound/outbound smtp queues so you have better control over SPAM scoring and trusted networks.

You second question is a bit hard to comprehend but I'll attempt to answer my interpretation of it.

Most RBLs/greylisting apps look at the connecting IP when doing reputation based SPAM checking, if you relay all outbound email through another MTA your internal MTA should not be directly affected. Although its kind of a mute point because if your external MTA gets blacklisted and you are relaying all mail though it the net result is the same, none of your legitimate mail is accepted.

If you trust the source of all internal generated SMTP traffic, you can have that delivered directly by your internal MTA and leave your external MTA to handle inbound and bounced NDR's.

In the second half my questions were not really if Mail being sent from our domains will get tagged or not, I understand outbound SMTP would not affect SPAM ratings.

My question was more to how 'Inbound SMTP' would affect Zimbra's capability to mark Email from the outside as spam. Meaning - being that all internet Email comes to 1.2.3.4, and Zimbra is 1.2.3.5, could Zimbra properly deal with all the Email coming from 1.2.3.4 and 'ignore' that address as far as SPAM checking goes, and consequently can the PREVIOUS MTA be checked for IP reputation, etc.
If not, going back to my original question, what exactly is the purpose of the 'Inbund SMTP hostname' field?