Page 1 of 2 12 LastLast
Results 1 to 10 of 16

Thread: emergency, how do I disable an open relay in zimbra?

  1. #1
    jptech is offline Senior Member
    Join Date
    Mar 2007
    Posts
    62
    Rep Power
    8

    Default emergency, how do I disable an open relay in zimbra?

    I'm trying in vain to stop the tens of thousands of emails being pumped into my server, which should not have an open relay.

    I need to disable the open relay.

  2. #2
    jholder's Avatar
    jholder is offline Former Zimbran
    Join Date
    Oct 2005
    Location
    Thatcher, AZ
    Posts
    5,606
    Rep Power
    20

    Default

    Open relay is off by default.
    1) Can you provide the /var/log/zimbra.log to prove that open relay is open?
    2) Have you done an open relay test?

  3. #3
    jptech is offline Senior Member
    Join Date
    Mar 2007
    Posts
    62
    Rep Power
    8

    Default

    Quote Originally Posted by jholder View Post
    Open relay is off by default.
    1) Can you provide the /var/log/zimbra.log to prove that open relay is open?
    2) Have you done an open relay test?
    1) logging doesn't work unless I reboot!
    2) 35,000 emails from yahoo.tw prove the relay is open!

    HOW DO I DISABLE IT!

    [SHOT]http://www.powerslife.net/james/spam-in-queue.jpg[/SHOT]
    Last edited by jptech; 06-29-2007 at 09:47 AM.

  4. #4
    dijichi2 is offline OpenSource Builder & Moderator
    Join Date
    Oct 2005
    Posts
    1,176
    Rep Power
    11

    Default

    2) 35,000 emails from yahoo.tw prove the relay is open!

    HOW DO I DISABLE IT!
    NO IT DOESNT!

    Post logs to prove your zimbra install is relaying externally.

  5. #5
    jptech is offline Senior Member
    Join Date
    Mar 2007
    Posts
    62
    Rep Power
    8

    Default

    I don't have logs because the logger doesn't work.

    no one seems to want to help me in acutally disabling the open relay.

    I don't need to argue over whether it's open or not.

    I need to close it.

  6. #6
    jholder's Avatar
    jholder is offline Former Zimbran
    Join Date
    Oct 2005
    Location
    Thatcher, AZ
    Posts
    5,606
    Rep Power
    20

    Default

    Calm down.

    Your supposition is incorrect. If we had open relay on by default, then we would have noticed.

    Now, if someone is using a username and password on your network, that they got a hold of, then it's possible someone is using your e-mail server as a relay.

    Unless you provide the /var/log/zimbra.log, we won't be able to help you.

    (PS quit typing in all caps.)

  7. #7
    jholder's Avatar
    jholder is offline Former Zimbran
    Join Date
    Oct 2005
    Location
    Thatcher, AZ
    Posts
    5,606
    Rep Power
    20

    Default

    Looks to me like someone has outlook, and their machine is infected. What's 192.168.0.1?

  8. #8
    jptech is offline Senior Member
    Join Date
    Mar 2007
    Posts
    62
    Rep Power
    8

    Default

    192.168.0.1 is the firewall.

    it uses ip masquerading to provide access to the MTA.

    it's not in the postfix 'mynetworks' declaration

    I had to remove the masq to disable internet access to the MTA before the spam would stop!
    Last edited by jptech; 06-29-2007 at 10:09 AM.

  9. #9
    jholder's Avatar
    jholder is offline Former Zimbran
    Join Date
    Oct 2005
    Location
    Thatcher, AZ
    Posts
    5,606
    Rep Power
    20

    Default

    Can you pvt me your domain name so I can run some tests?

    It may be that Open Relay got turned on. . .I'm not saying it's not on. You SS looks like it is.

    But it is off by default.

  10. #10
    jholder's Avatar
    jholder is offline Former Zimbran
    Join Date
    Oct 2005
    Location
    Thatcher, AZ
    Posts
    5,606
    Rep Power
    20

    Default

    jptech is correct.
    His server is being used as an open relay.

    To ensure that we aren't shipping it that way, I tested 4.5.4, 4.5.5, and 4.5.6
    None have this feature on by default.

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 26
    Last Post: 04-19-2011, 09:24 AM
  2. [SOLVED] Clamav problem ? What's happening ?
    By aNt1X in forum Installation
    Replies: 23
    Last Post: 02-14-2008, 05:43 AM
  3. Zimbra shutdowns every n hours.
    By Andrewb in forum Administrators
    Replies: 13
    Last Post: 08-14-2007, 08:55 AM
  4. Unable to start tomcat
    By chanck in forum Administrators
    Replies: 11
    Last Post: 06-11-2006, 12:58 AM
  5. Zimbra server crashed
    By goetzi in forum Administrators
    Replies: 6
    Last Post: 03-25-2006, 01:00 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •