Zimbra

mutuku · #1 (**permalink**) 06-21-2010, 12:08 AM

I have set up a zimbra and configured outlook as the mail clients.

I configured my account on outlook on a computer running on the LAN. I then changed the logon information(password) on outlook.

When I open outlook, It asks me for the password. When I click cancel, I can still send mail from the configured account

Does this mean that my zimbra server is an open relay on the LAN? If so, How do I stop this?

I am using port 25 as the "outgoing server".

phoenix · #2 (**permalink**) 06-21-2010, 12:13 AM

Port 25 does not need authentication, your server is not an Open Relay (I assume you've checked this with an online test?). If you wish to use Authentication then you should use the correct Submission port with is 587 and does require Authentication.

mutuku · #3 (**permalink**) 06-21-2010, 12:19 AM

Phoenix,

Thanks for the response. From external networks I am using port 465. this is working fine(my server is not an open relay).

My concern is from the LAN. Can Any outlook masquarade themselves and send mail as if they were another user? Can Spambots running on my LAN use port 25?

phoenix · #4 (**permalink**) 06-21-2010, 12:22 AM

Quote:

Originally Posted by mutuku

Phoenix,

Thanks for the response. From external networks I am using port 465. this is working fine(my server is not an open relay).

You should use port 587, that is the correct port.

Quote:

Originally Posted by mutuku

My concern is from the LAN. Can Any outlook masquarade themselves and send mail as if they were another user? Can Spambots running on my LAN use port 25?

If you wish to restrict that you need to change the setting in mynetworks that limits the 'Trusted IPs' to the loopback adapter and the IP of the Zimbra server, there are several threads in the forums that have details on what's needed do a search for that.

mutuku · #5 (**permalink**) 06-21-2010, 12:53 AM

Quote:

If you wish to restrict that you need to change the setting in mynetworks that limits the 'Trusted IPs' to the loopback adapter and the IP of the Zimbra server

I setup that when I installed the server. My server has 2 network cards...one that is natted to a public IP(IPA), and the other the that connects to the LAN(IPB). All the IPs(IPA, IPB and the loopback) are in the MTA trusted networks list.

phoenix · #6 (**permalink**) 06-21-2010, 02:57 AM

Quote:

Originally Posted by mutuku

All the IPs(IPA, IPB and the loopback) are in the MTA trusted networks list.

That is incorrect, you should not have the Public IP in there and only have the loopback and the NAT IP of the server in there otherwise you'll be opening up your server to be a relay.

mutuku · #7 (**permalink**) 06-21-2010, 03:13 AM

the public IP is not there(MTA trusted networks list). Just the LAN IPs of the 2 network cards of the server. The public IP is natted to one of the mail servers. LAN IPs.Both of the LAN IPs(IPs of the 2 netwotk cards) are MTA trusted networks list. Is this correct?

phoenix · #8 (**permalink**) 06-21-2010, 03:17 AM

Quote:

Originally Posted by mutuku

the public IP is not there(MTA trusted networks list). Just the LAN IPs of the 2 network cards of the server. The public IP is natted to one of the mail servers. LAN IPs.Both of the LAN IPs(IPs of the 2 netwotk cards) are MTA trusted networks list. Is this correct?

That is the correct configuration and there should be no problem.