Page 1 of 2 12 LastLast
Results 1 to 10 of 11

Thread: Barracuda Reputation blocking mails based on Client IP

  1. #1
    stevehw is offline Member
    Join Date
    Jun 2009
    Location
    UK
    Posts
    10
    Rep Power
    6

    Default Barracuda Reputation blocking mails based on Client IP

    Hi,

    I have a confusing problem. Our staff sometimes use USB 3G sticks which give them dynamic IPs. Sometimes mails are bounced back from remote MTAs to due to this (i.e. poor Barracuda Reputation).

    I have X-Originating-IP disabled on Zimbra.

    zmprov gacf | grep zimbraSmtpSendAddOriginatingIP
    zimbraSmtpSendAddOriginatingIP: FALSE

    When looking at the sent mail (Right-clicking and Show Original), I cannot see X-Originating-IP or any reference to the blocked client IP so I have no idea where the remote MTA's are getting the senders client IP from.

    Does Show Original show everything? Can anyone give me a pointer where to start looking? I have included the sent mail below but removed the content parts.

    Many Thanks,

    Steve HW


    From: *removed*
    To: *removed*
    Subject: *removed*
    Date: Wed, 15 Sep 2010 22:14:26 +0100
    Message-ID: <000c01cb551b$0203c2f0$060b48d0$@com>
    MIME-Version: 1.0
    Content-Type: multipart/mixed;
    boundary="----=_NextPart_000_0007_01CB5523.63C82AF0"
    X-Mailer: Microsoft Office Outlook 12.0
    Thread-Index: ActVGvomd+1Zn8d+RWunJJ4Fbm0ylA==
    Content-Language: en-gb
    X-OlkEid: F6A411206648FFE8F4477445858EEBE1F8B038DF

    This is a multi-part message in MIME format.

    ------=_NextPart_000_0007_01CB5523.63C82AF0
    Content-Type: multipart/alternative;
    boundary="----=_NextPart_001_0008_01CB5523.63C82AF0"


    ------=_NextPart_001_0008_01CB5523.63C82AF0
    Content-Type: text/plain;
    charset="us-ascii"
    Content-Transfer-Encoding: 7bit

    *removed*

    ------=_NextPart_001_0008_01CB5523.63C82AF0
    Content-Type: text/html;
    charset="us-ascii"
    Content-Transfer-Encoding: quoted-printable

    *removed*

    ------=_NextPart_001_0008_01CB5523.63C82AF0--

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,491
    Rep Power
    56

    Default

    You won't see any IP addresses on an email in the Sent folder as that copy hasn't been sent anywhere, you need to look at a copy of the received email for the details of it's route through mail servers.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    stevehw is offline Member
    Join Date
    Jun 2009
    Location
    UK
    Posts
    10
    Rep Power
    6

    Default

    Thanks Bill,

    Of course you're right, I checked the full bounced message and the sent mail has a "Received: from" header that includes the senders client IP. Is this coming from the Outlook client? Is there any way I can tell Zimbra to strip this from the header or is this something I need to do in Postfix?

    Thanks for the pointer

    Steve

  4. #4
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,491
    Rep Power
    56

    Default

    Could you update your forum profile with the output of the following command (do not post the output in this thread):

    Code:
    zmcontrol -v
    Are these mail clients connecting via the ZCO or IMAP and are they using port 25 to submit their email?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  5. #5
    stevehw is offline Member
    Join Date
    Jun 2009
    Location
    UK
    Posts
    10
    Rep Power
    6

    Default

    Profile Updated.

    Staff use IMAP SSL from within Outlook, so port 993.

    Steve

  6. #6
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,491
    Rep Power
    56

    Default

    Quote Originally Posted by stevehw View Post
    Profile Updated.
    Thanks.

    Quote Originally Posted by stevehw View Post
    Staff use IMAP SSL from within Outlook, so port 993.
    Yes but what do they use for their Submission port? I suspect you're using port 25 on the ZImbra server, is that correct?
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  7. #7
    stevehw is offline Member
    Join Date
    Jun 2009
    Location
    UK
    Posts
    10
    Rep Power
    6

    Default

    Yes, 25 is still the default for smtp.

    Steve

  8. #8
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,491
    Rep Power
    56

    Default

    Quote Originally Posted by stevehw View Post
    Yes, 25 is still the default for smtp.
    That's actually the incorrect port for mail submission to an MTA, the correct port is 587 and will require the user to authenticate when they send mail. I believe that should solve your problem as the mail will then come from the mail server itself and should not have any IP in the headers that reflect what the originating IP was. Try changing that for a test user and see what the results are, you can obviously verify it by looking at the headers via the show original.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  9. #9
    stevehw is offline Member
    Join Date
    Jun 2009
    Location
    UK
    Posts
    10
    Rep Power
    6

    Default

    Bill - Thanks again for your help with this. I've read up on port 587, I never knew that, guess you can tell I'm not a full-time mail admin It's now opened and accepting mail.

    I sent a mail to myself but unfortunately the headers still include my sender IP and DNS in a "Received: from" header.

    Any other ideas? Striping all these with postfix seems crude but many posts on the net are saying this is the way forward.

    Steve

  10. #10
    stevehw is offline Member
    Join Date
    Jun 2009
    Location
    UK
    Posts
    10
    Rep Power
    6

    Default

    I've tried to use postfix to remove these headers but think I've hit a bug.

    I've added the following to /opt/zimbra/conf/postfix_header_checks.in

    /^Received: from/ IGNORE

    Running "postfix reload" shows this carried across to /opt/zimbra/conf/postfix_header_checks

    However, /opt/zimbra/postfix/conf/main.cf contains "header_checks = ".

    To check the setting I've ran the following:

    zmlocalconfig postfix_header_checks
    postfix_header_checks = pcre:${zimbra_home}/conf/postfix_header_checks

    All looks good, so why is this not shown in main.cf...

    If I add the line manually using:

    /opt/zimbra/postfix/sbin/postconf -e header_checks=pcre:/opt/zimbra/conf/postfix_header_checks

    Those headers are now stripped from the mails - w'hey However, if I reload postfix again or restart zimbra, the header_check line is removed from main.cf and the problem returns

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 3
    Last Post: 03-04-2008, 10:41 AM
  2. Deleting mails from desktop client?
    By aoun in forum General Questions
    Replies: 1
    Last Post: 03-03-2008, 12:19 PM
  3. can't you help me
    By iwan siahaan in forum Administrators
    Replies: 6
    Last Post: 12-17-2007, 06:53 PM
  4. Use HTML Client Based on COS?
    By rwjblue in forum Administrators
    Replies: 2
    Last Post: 01-30-2007, 05:50 AM
  5. Nee a head start with IMAP client to access Zimbra mails
    By abhishek_agl in forum Developers
    Replies: 14
    Last Post: 12-08-2006, 03:14 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •