Zimbra

blueflametuna · #1 (**permalink**) 03-08-2011, 11:17 AM

(Sorry for the dupe. I received a "database error" when posting the first one.)

Greetings,

I recently upgraded from 5.0.21 to 6.0.10 (Open Source).
I noticed a lot of these in the zimbra.log file:

Open relay? Nonlocal recips but not originating: ...

I tested with the Open Relay testers, and the server seems to be OK.
But the messages are still of concern.

Did the customary searches and found this:

[SOLVED] Open Relay amavis warnings in zimbra.log

Not sure if this actually resolves the problem.

Tha amavis list mentioned something about a new warning message with amavisd-new-2.6.4 and settings for "mynetworks" and "originating" ...
(Reference: Old Nabble - Amavis - Open relay, non local recip, mail aliasing and forwarding)

Is there something I missed in the configuration that was either not preserved in the Zimbra upgrade? Is this something new?

Thanks for your time.

Jim

blueflametuna · #2 (**permalink**) 03-09-2011, 09:52 AM

I went to examine the settings for the server in the Admin GUI ...
Servers -> <Service host name> -> Edit

and received a Server error pop-up:

! Server error encountered

(Detail):

Message: system failure: exception during auth {RemoteManager: mymail.com->zimbra@mymail.com:22}

But that's another thread ...

Under MTA, the Web mail MTA hostnames is FQDN [mail.mymail.com]
and the list of MTA trusted networks appears correct.

The display is partially broken. It looks like there is a button for [Remove]?
but it is overwritten with another button for [Reset to Global value].
(Cosmetics only, but just noting it.)

Under the Global Settings -> MTA tab, the Web mail MTA Hostnames value is the same as above.

Should this match what is returned by `hostname -f` ?

John Siu · #3 (**permalink**) 03-09-2011, 07:23 PM

I assume you are running single server. If so set it to localhost.

Details:
[SOLVED] Open Relay amavis warnings in zimbra.log

blueflametuna · #4 (**permalink**) 03-10-2011, 08:55 AM

I set it to localhost, and I am still receiving the errors.

John Siu · #5 (**permalink**) 03-10-2011, 09:00 AM

Error from your top post or your 2nd post? Need a bit more details.

blueflametuna · #6 (**permalink**) 03-10-2011, 09:10 AM

Mar 10 09:08:34 mymail amavis[32600]: (32600-03) Open relay? Nonlocal recips but not originating: user@somewhere.net

I am receiving one for every outbound message.

John Siu · #7 (**permalink**) 03-10-2011, 11:15 AM

Is the email being sent from web client or from a email program (outlook, etc.) ?

In Admin GUI, under:
Global Settings -> MTA
Server Settings -> MTA
What are the setting for "MTA Trusted Networks"?

blueflametuna · #8 (**permalink**) 03-10-2011, 11:52 AM

Connections are coming from Web mail client, pop, and imap.

Under Servers -> <Service host name> -> Edit -> MTA ...

MTA Trusted Networks: 127.0.0.0/8 my.ip.addr.0/21 10.110.6.0/24

blueflametuna · #9 (**permalink**) 03-11-2011, 05:17 PM

One difference I found in the new version of amavis 2.6.4 is this feature:

$policy_bank{'MYNETS'} = {
originating => 1,
allow_disclaimers => 0,
log_level => 1,
};

I am not sure what I need to do to eliminate these warnings.

blueflametuna · #10 (**permalink**) 03-11-2011, 08:38 PM

I received some help from the new and improved list at amavis.org

The warnings are new to 2.6.4

I needed to set @mynetworks in amavis.conf.

This stopped the warnings for users connecting through the known networks.
But they still display under at least these situations:

* Authenticated users connecting via web client, pop, or imap from outside the network and sending to outside addresses.

* Inbound emails from outside being sent to valid users with forwarding addresses, which then get relayed outbound.

There may be other scenarios, but this cleans it up a lot.

Zimbra

Downloads

Product Information

Toolbox

Why Join?