Results 1 to 3 of 3

Thread: preventing spam to be relayed

  1. #1
    ruyterb is offline Banned
    Join Date
    Jun 2010
    Posts
    4
    Rep Power
    0

    Default preventing spam to be relayed

    I am posting this under "installation" since I could not find a more focused topic like "security"...

    The Zimbra server is by default an open relay for trusted networks.

    In my setup there is a webserver in the trusted network that is using Zimbra as a relay server. For that the webserver uses mostly the PHP mail() function. It is difficult to ensure that the scripts will *never* be abused so I want to focus on securing the mail server as much as possible.

    The question: is it possible to spam filter the messages that are being offered for relay? If any script would get hacked on the webserver the email server would block the spam from being sent out.

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,582
    Rep Power
    57

    Default

    You simple need to have the loopback IP and the single IP of the ZImbra server in you mynetworks setting to overcome this problem, there are several threads in the forums that describe this.

    I've also moved this to a more appropriate forum as it's not an Installation problem.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    ruyterb is offline Banned
    Join Date
    Jun 2010
    Posts
    4
    Rep Power
    0

    Default

    sorry for using the wrong form
    to which one did you move it?

    Removing the webserver from the trusted networks does not solve my issue (and by the way: I did search the forum and found that people had new problems when doing that like error message in the admin panel).

    Moving the web server outside of the trusted network would require this server to authenticate before sending but this authentication is not done at the script level but at postfix level at the webserver. So any hacked script would still be possible to send authenticated email.

    Or is there a second effect of moving the webserver out of the trusted network in that the messages offered for relaying would be filtered for spam? If so, that would indeed solve the problem...

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. SPAM being relayed through server using zmpost
    By blueflametuna in forum Administrators
    Replies: 7
    Last Post: 04-28-2011, 03:37 AM
  2. Most of mails showing SPAM & discarded
    By siw919 in forum Administrators
    Replies: 27
    Last Post: 01-12-2010, 01:53 PM
  3. Preventing spam autodeletion
    By tenth_man in forum Administrators
    Replies: 4
    Last Post: 05-03-2009, 07:05 PM
  4. Weird behaviors and LOTS of spam.
    By zwvpadmin in forum Administrators
    Replies: 7
    Last Post: 01-02-2009, 10:26 AM
  5. Major SPAM to one account
    By CarputerTech in forum Administrators
    Replies: 4
    Last Post: 09-04-2008, 10:54 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •