Results 1 to 3 of 3

Thread: How to reject unknown hostname connections

  1. #1
    scott.serr is offline Intermediate Member
    Join Date
    Aug 2009
    Posts
    18
    Rep Power
    6

    Default How to reject unknown hostname connections

    I've just setup Zimbra 8 (coming from 5). My 5 configuration was kind of a mess, as I ended up editing config files at times. I'm trying to configure this installation the "right way."

    [zimbra@mail ~]$ zmprov gacf | grep zimbraMtaRestriction
    zimbraMtaRestriction: reject_non_fqdn_sender
    zimbraMtaRestriction: reject_unknown_client
    zimbraMtaRestriction: reject_unknown_hostname
    zimbraMtaRestriction: reject_unknown_sender_domain

    Shouldn't one of these stop these type of connections...?

    Feb 20 11:07:48 mail postfix/smtpd[5740]: connect from unknown[173.213.70.231]
    Feb 20 11:07:48 mail postfix/smtpd[5740]: NOQUEUE: filter: RCPT from unknown[173.213.70.231]: <QualityCigars@sliparrive.info>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=<QualityCigars@sliparrive.info> to=<jennifer@example.com> proto=ESMTP helo=<00041382.sliparrive.info>

    Or is the idea we still let the mail come through and add spamassassin points?

    <confused>

    Thanks,
    Scott

  2. #2
    scott.serr is offline Intermediate Member
    Join Date
    Aug 2009
    Posts
    18
    Rep Power
    6

    Default

    Quote Originally Posted by scott.serr View Post

    [zimbra@mail ~]$ zmprov gacf | grep zimbraMtaRestriction
    zimbraMtaRestriction: reject_non_fqdn_sender
    zimbraMtaRestriction: reject_unknown_client
    zimbraMtaRestriction: reject_unknown_hostname
    zimbraMtaRestriction: reject_unknown_sender_domain

    <snip>
    My additions didn't propogate down to postfix. It looks like these are the only valid protocol restrictions:

    For protocol checks, the following three RBLs can be enabled:
    *Hostname in greeting violates RFC - reject_invalid_hostname
    *Client must greet with a fully qualified hostname - reject_non_fqdn_hostname
    *Sender address must be fully qualified - reject_non_fqdn_sender

    Still confused...

  3. #3
    scott.serr is offline Intermediate Member
    Join Date
    Aug 2009
    Posts
    18
    Rep Power
    6

    Default

    Quote Originally Posted by scott.serr View Post
    My additions didn't propogate down to postfix. It looks like these are the only valid protocol restrictions:

    For protocol checks, the following three RBLs can be enabled:
    *Hostname in greeting violates RFC - reject_invalid_hostname
    *Client must greet with a fully qualified hostname - reject_non_fqdn_hostname
    *Sender address must be fully qualified - reject_non_fqdn_sender

    Still confused...
    This post Does reject_unknown_client in Web Admin work correctly ? was helpful in unconfusing me. reject_unknown_client is obsolete now.

    Works:
    zmprov mcf +zimbraMtaRestriction "reject_unknown_client_hostname"

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. unknown UDP-Connections in zimbra.log
    By harry12345 in forum Administrators
    Replies: 7
    Last Post: 02-21-2013, 04:50 AM
  2. Email delivery reject, host unknown
    By Wilson_Lee in forum Administrators
    Replies: 3
    Last Post: 11-12-2011, 05:13 AM
  3. NOQUEUE: reject: RCPT from unknown[10.1.10.8]: 554 5.7.1
    By Danielc1234 in forum Administrators
    Replies: 15
    Last Post: 01-18-2011, 09:30 AM
  4. NOQUEUE: reject: RCPT from unknown[10.1.10.8]: 554 5.7.1
    By Danielc1234 in forum Installation
    Replies: 1
    Last Post: 01-13-2011, 08:14 AM
  5. Replies: 3
    Last Post: 04-08-2010, 09:16 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •