Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Administrators
Reload this Page Email filtering dependent on the MTA

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 06-28-2010, 05:59 AM
Starter Member
  
Posts: 1
Default Email filtering dependent on the MTA
This is maybe an exotic question (or maybe totally irrelevant).

Currently, we use Redmine as a project management system and Zimbra as our mail server. We want to enable users to update Redmine issues by sending an email. Redmine makes this possible by providing a Ruby script which can run on your mail server. You need to set up Zimbra such that when you forward an email to the "Redmine user" (which is the Redmine server) that it also provides a key (shared with Redmine) for security reasons. Of course, also the project and the issue number needs to be given. This is explained in : Redmine - RedmineReceivingEmails - Redmine

I still fear email spoofing though. It is still possible that people send an email to the Redmine server (through our Zimbra MTA) to spam our Redmine server. Is there a possibility to filter out emails going to a certain destination (being the "Redmine user") such that only emails are accepted from clients that are directly connected to the Zimbra MTA and those that are coming from other MTA's are discarded ?

I'm sorry if I miss the point, but I'm not an expert in these things ...

Thanks in advance !
Reply With Quote
  #2 (permalink)  
Old 06-28-2010, 06:56 AM
Moderator
  
Posts: 1,209
Default
After looking things over briefly I'd say the easiest setup for you would be to configure Redmine as documented to do IMAP with the Zimbra server.

To prevent spammers flooding your Redmine server, you might wish to use a fairly cryptic mailbox on Zimbra for Redmine, comparable to the way Zimbra sets up the spam and ham accounts. For example: "redmine.projectinputviaemail.222blahblahblah@your domain.com".

In this way, (keep the mailbox visible in the GAL), users can start typing "redmine" when composing and let auto-complete do the rest of the work, but spammers will have a hard time guessing at that account.

Plus, all the configuration work will be on the Redmine server, so nothing will have to be redone after a Zimbra version upgrade.

Hope that helps,
Mark
__________________
___________________________________
L. Mark Stone, CIO


"Uptime. All the time."

477 Congress Street | Portland, ME 04101-3431 | (207) 772-5678

proactive maintenance and monitoring | technology consulting
Zimbra groupware | EMR implementations | private cloud hosting
Reply With Quote
  #3 (permalink)  
Old 06-30-2010, 02:06 PM
Elite Member
  
Posts: 281
Default
You can also configure postfix to deny incoming messages to that address. Thus, only internal SMTP connections will be able to send messages to that account.

Have a look into all the *_restrictions options that postfix supports.
__________________
Freddie
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.