Results 1 to 7 of 7

Thread: Do not relay on own domain, force smtp auth on port 25

  1. #1
    viglu is offline Beginner Member
    Join Date
    Jan 2013
    Location
    Luxembourg
    Posts
    2
    Rep Power
    2

    Default Do not relay on own domain, force smtp auth on port 25

    Hi,

    I recently installed Zimbra Open source Edition 8.0.2 on Ubuntu 12.04.

    We suppose the fowolling on my zimbra server
    Domain: test.com
    Users: user1@test.com, distribution-list@test.com

    From an external network I open telnet on my zimbra server with port 25.
    HELO ....
    250 mail.test.com
    MAIL FROM: user1@test.com
    250 2.1.0 Ok
    RCPT TO: distribution@test.com
    250 2.1.0 Ok

    I wan't to force smtp auth in this case. If an external person knows about the existence of user1@test.com he can send spam to my distribution-list

    These parameters are set:
    Code:
    zimbraMtaAuthEnabled: TRUE
    zimbraMtaAuthTarget: TRUE
    zimbraMtaSaslAuthEnable: yes
    zimbraMtaTlsAuthOnly: TRUE
    zimbraShareNotificationMtaAuthRequired: FALSE

    Thanks for helping,
    Luc

  2. #2
    snake_eyes's Avatar
    snake_eyes is offline Advanced Member
    Join Date
    Nov 2008
    Posts
    237
    Rep Power
    6

    Default

    Quote Originally Posted by viglu View Post
    Hi,

    I recently installed Zimbra Open source Edition 8.0.2 on Ubuntu 12.04.

    We suppose the fowolling on my zimbra server
    Domain: test.com
    Users: user1@test.com, distribution-list@test.com

    From an external network I open telnet on my zimbra server with port 25.
    HELO ....
    250 mail.test.com
    MAIL FROM: user1@test.com
    250 2.1.0 Ok
    RCPT TO: distribution@test.com
    250 2.1.0 Ok

    I wan't to force smtp auth in this case. If an external person knows about the existence of user1@test.com he can send spam to my distribution-list

    These parameters are set:
    Code:
    zimbraMtaAuthEnabled: TRUE
    zimbraMtaAuthTarget: TRUE
    zimbraMtaSaslAuthEnable: yes
    zimbraMtaTlsAuthOnly: TRUE
    zimbraShareNotificationMtaAuthRequired: FALSE

    Thanks for helping,
    Luc
    Hello,

    I have the same problem, I wanna force the STMP to reach the relay host mailbox.

    I have the mail.test.com hosted at google.com, while I don't have a public IP Address to reach the local mail server "ZImbra" I Wanna force zimbra to deliver the user@test.com at google.com then the fetchmail will pull it from the google server because the people who use the email from outside LAN are not able to check their inbox at mail at local.

    Can we do that via bind? or some else?

    Your cooperation is highly appreciated.
    - In a world without walls and fences who needs windows and gates?
    - I am Running Linux.. Finally, my PC is valid & Reliable Hereafter.

  3. #3
    alessandro.motta is offline Trained Alumni
    Join Date
    Oct 2010
    Posts
    43
    Rep Power
    4

    Default

    Hello,
    i think you two described different problems. For the first post i think you only need to properly configure the mynetworks postfix parameter:

    ZimbraMtaMyNetworks - Zimbra :: Wiki

    For the second post you want to deliver the emails on gmail so the external users are able to view them, then download them with fetchmail.
    Is the gmail domain the same as hosted on your zimbra server?
    In this case you can deliver your domain emails to gmail configuring the postfix transport table:

    Transport Table for external servers - Zimbra :: Wiki

    You can also consider to implement a dyn dns to allow downloading emails directly from your zimbra server, with all benefits and disadvantage.
    Regards

  4. #4
    snake_eyes's Avatar
    snake_eyes is offline Advanced Member
    Join Date
    Nov 2008
    Posts
    237
    Rep Power
    6

    Default

    Hello alessandro.motta,

    Thank you for your reply, I followed the link of the transport table for external servers but it seems still not yet working as well. Is there any suggestion also my zimbra is 8.0.1

    Are you experience with the DNS?
    - In a world without walls and fences who needs windows and gates?
    - I am Running Linux.. Finally, my PC is valid & Reliable Hereafter.

  5. #5
    alessandro.motta is offline Trained Alumni
    Join Date
    Oct 2010
    Posts
    43
    Rep Power
    4

    Default

    Hello snake_eyes,
    this is a little off-topic, anyway i never tried to force the emails delivering outside a zimbra server using DNS.
    What you need to do is to configure the bind dns zone for your domain and set the mx server to be the gmail's mx servers.
    I can't assure you it'll work since i've no experience on that.
    Regards

  6. #6
    quanah is offline Zimbra Employee
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,265
    Rep Power
    10

    Default

    Quote Originally Posted by snake_eyes View Post
    Is there any suggestion also my zimbra is 8.0.1
    Yes, my suggestion would be that you upgrade to 8.0.4 immediately, before your LDAP DB corrupts and your entire system goes down. 8.0.0 through 8.0.2 are *not* stable.
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

  7. #7
    snake_eyes's Avatar
    snake_eyes is offline Advanced Member
    Join Date
    Nov 2008
    Posts
    237
    Rep Power
    6

    Default

    Quote Originally Posted by alessandro.motta View Post
    Hello snake_eyes,
    this is a little off-topic, anyway i never tried to force the emails delivering outside a zimbra server using DNS.
    What you need to do is to configure the bind dns zone for your domain and set the mx server to be the gmail's mx servers.
    I can't assure you it'll work since i've no experience on that.
    Regards
    Hello,

    This is my DNS Configuration

    Code:
    @       86400   IN      SOA     mail.domain.com. root.domain.com. (
                                    200506081       ; Serial
                                    86400           ; Refresh
                                    7200            ; Retry
                                    24192001        ; Expire
                                    86400 )         ; Negative Cache TTL
    
                                    IN      NS      mail.domain.com.
                                    IN      MX    10    aspmx.l.google.com.
    
    @                       14400   IN      A       205.178.152.53
    mail            14400    IN    A    200.200.200.20
    www                     14400   IN      CNAME   domain.com.
    in the resolv.conf nameserver 127.0.0.1

    Even I placed the Transport table but still using the bind and deliver to the local...
    - In a world without walls and fences who needs windows and gates?
    - I am Running Linux.. Finally, my PC is valid & Reliable Hereafter.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. force Webmail user to send email with "smtp auth"
    By bonadio in forum Developers
    Replies: 11
    Last Post: 01-26-2012, 10:26 AM
  2. SMTP auth for relay
    By garyo in forum Administrators
    Replies: 2
    Last Post: 01-17-2011, 08:27 AM
  3. force smtp auth zimbra
    By sandeepdas in forum Administrators
    Replies: 12
    Last Post: 10-30-2009, 07:34 PM
  4. [SOLVED] Force AUTH SMTP For Local/External Networks
    By the_griz in forum Administrators
    Replies: 1
    Last Post: 09-19-2008, 01:40 PM
  5. Help... SMTP Auth/LDAP/split domain
    By Nutz in forum Administrators
    Replies: 4
    Last Post: 06-25-2007, 03:15 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •