Results 1 to 3 of 3

Thread: [SOLVED] SNMP authorization for outgoing mail or SASL problem?

  1. #1
    sh444man is offline New Member
    Join Date
    Apr 2010
    Posts
    3
    Rep Power
    4

    Default [SOLVED] SNMP authorization for outgoing mail or SASL problem?

    I got some huge problem. My Zimbra server does'nt requests authorization. I can send mail with authorization and WITHOUT IT (i don't want that). I can simply telnet from anywhere (also not from mynetworks) and send email like this:

    Code:
    220 myserver.com ESMTP Postfix
    ehlo someserver.com
    250-myserver.com
    250-PIPELINING
    250-SIZE 120000000
    250-VRFY
    250-ETRN
    250-STARTTLS
    250-AUTH PLAIN LOGIN
    250-AUTH=PLAIN LOGIN
    250-ENHANCEDSTATUSCODES
    250-8BITMIME
    250 DSN
    MAIL FROM: <existinguser@myserver.com>
    250 2.1.0 Ok
    RCPT TO: <existinguser@myserver.com>
    250 2.1.5 Ok
    DATA
    354 End data with <CR><LF>.<CR><LF>
    Suject: Test
    Test
    .
    250 2.0.0 Ok: queued as C1DEDCBE88
    quit
    221 2.0.0 Bye
    Zimbra configuration:

    Code:
    ~$ zmprov gs myserver.com | grep Auth
    zimbraMtaAuthEnabled: TRUE
    zimbraMtaAuthHost: myserver.com
    zimbraMtaAuthTarget: TRUE
    zimbraMtaAuthURL: https://myserver.com:443/service/soap/
    zimbraMtaSaslAuthEnable: TRUE
    zimbraMtaTlsAuthOnly: FALSE
    Postfix postconf | grep sasl
    Code:
    smtp_sasl_auth_cache_name =
    smtp_sasl_auth_cache_time = 90d
    smtp_sasl_auth_enable = no
    smtp_sasl_auth_soft_bounce = yes
    smtp_sasl_mechanism_filter =
    smtp_sasl_password_maps =
    smtp_sasl_path =
    smtp_sasl_security_options = noplaintext, noanonymous
    smtp_sasl_tls_security_options = $smtp_sasl_security_options
    smtp_sasl_tls_verified_security_options = $smtp_sasl_tls_security_options
    smtp_sasl_type = cyrus
    smtpd_sasl_auth_enable = yes
    smtpd_sasl_authenticated_header = no
    smtpd_sasl_exceptions_networks =
    smtpd_sasl_local_domain =
    smtpd_sasl_path = smtpd
    smtpd_sasl_security_options = noanonymous
    smtpd_sasl_tls_security_options = $smtpd_sasl_security_options
    smtpd_sasl_type = cyrus
    Some Logs :
    Code:
    Apr 29 10:12:56 zimbra saslauthd[26582]: auth_zimbra: user@myserver.com auth OK
    Apr 29 10:12:56 zimbra postfix/smtpd[5633]: 8F1E01365B3: client=x.x.x.x, sasl_method=LOGIN, sasl_username=user@myserver.com
    Apr 29 10:12:56 zimbra saslauthd[26581]: zmauth: authenticating against elected url 'https://myserver.com:7071/service/admin/soap/' ...
    Apr 29 10:12:56 zimbra saslauthd[26581]: zmpost: url='https://myserver.com:7071/service/admin/soap/' returned buffer->data='<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope"><soap:Header><context xmlns="urn:zimbra"><change token="1812"/></context></soap:Header><soap:Body><AuthResponse xmlns="urn:zimbraAccount"><authToken>sometoken</authToken><lifetime>172800000</lifetime><skin>beach</skin></AuthResponse></soap:Body></soap:Envelope>', hti->error=''
    Please HELP!

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Quote Originally Posted by sh444man View Post
    I got some huge problem. My Zimbra server does'nt requests authorization. I can send mail with authorization and WITHOUT IT (i don't want that).
    That's perfectly normal for an authenticated user and one sending mail to your server.

    Quote Originally Posted by sh444man View Post
    I can simply telnet from anywhere (also not from mynetworks) and send email like this:
    That's also normal if you're sending email to your server. You probably can't send email to another domain otherwise you'd be an open relay, have you tested this via one of the internet relay testing sites?

    BTW, this was also in the wrong forum, as it's not an Installation problem I'll move it to the correct place.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    sh444man is offline New Member
    Join Date
    Apr 2010
    Posts
    3
    Rep Power
    4

    Default

    Thank you very much for your response. I am too affraid of spoofing between users on my mailserver. Also there is a spam issue - about 99% of passing spam comes through becouse of that. I found today my solution written in post ZIMBRA SMTP AUTH problem . Sorry for duplicate this problem. For now it works superb as i wanted. Do you see any reasons for not doing this by default?

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 7
    Last Post: 02-03-2011, 07:01 AM
  2. Replies: 15
    Last Post: 11-19-2009, 12:16 AM
  3. Messages not being delivered
    By buee in forum Administrators
    Replies: 53
    Last Post: 10-23-2009, 10:28 AM
  4. mta to not starting
    By cowanpf in forum Installation
    Replies: 2
    Last Post: 10-05-2009, 04:36 AM
  5. Migration Assistance
    By dwill in forum Administrators
    Replies: 10
    Last Post: 12-02-2008, 08:20 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •