Page 2 of 2 FirstFirst 12
Results 11 to 14 of 14

Thread: Seguridad en el smtp

  1. #11
    andresmq is offline Banned
    Join Date
    Dec 2011
    Posts
    1
    Rep Power
    0

    Default Problemas con SPAM

    Good afternoon,

    I have been using zimbra CE since version 6 and now 7, unfortunately my server is used to send spam with valid user accounts.

    When we checked the user account involved in the zimbra web client, we find that they have changed the firm, the forwarding address, I guess Trojan virus is on the user's computer, but still do not understand how it works, because at times when your computer is off there to send spam.

    Therefore do not understand how is that spam can be sent and if there is how to configure zimbra to stop this from happening.
    Try changing the configuration of postfix with no results.
    Configuring postfix:

    smtpd_sender_restrictions =
    check_client_access hash:/opt/zimbra/postfix/conf/misclientes, permit_mynetworks,
    permit_sasl_authenticated,
    reject_non_fqdn_sender,
    reject_unknown_sender_domain, pcre:/opt/zimbra/postfix/conf/sender_access,
    permit



    smtpd_client_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client dnsbl.njabl.org,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client sbl-xbl.spamhaus.org,
    reject_rbl_client list.dsbl.org,
    permit

    smtpd_recipient_restrictions =
    permit_mynetworks,
    permit_sasl_authenticated,
    reject_non_fqdn_recipient,
    reject_unknown_recipient_domain,
    reject_unauth_destination,
    reject_unlisted_recipient,
    reject_invalid_hostname,
    reject_non_fqdn_hostname,
    reject_non_fqdn_sender,
    reject_unknown_hostname,
    reject_unknown_sender_domain,
    reject_rbl_client bl.spamcop.net,
    reject_rbl_client dnsbl.njabl.org,
    reject_rbl_client cbl.abuseat.org,
    reject_rbl_client sbl-xbl.spamhaus.org,
    reject_rbl_client list.dsbl.org, permit

    contenido de /opt/zimbra/postfix/conf/sender_access
    /@mi\.dominio\.edu$/ 554 No uses mi dominio para enviar correo

    contenido de /opt/zimbra/postfix/conf/misclientes
    mi.dominio.edu misremitentes

    contenido de /opt/zimbra/postfix/conf/misremitentes
    /@(.*\.)?mi\.dominio\.edu$/ OK
    /.*/ 554 La direccion remitente debe ser local

    Already saw that my server is not Open Relay,
    Any suggestions?
    The SPF settings help? as I can do this in zimbra?

    Thank you very much.

  2. #12
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,201
    Rep Power
    56

    Default

    Quote Originally Posted by andresmq View Post
    I have been using zimbra CE since version 6 and now 7, unfortunately my server is used to send spam with valid user accounts.

    When we checked the user account involved in the zimbra web client, we find that they have changed the firm, the forwarding address, I guess Trojan virus is on the user's computer, but still do not understand how it works, because at times when your computer is off there to send spam.

    Therefore do not understand how is that spam can be sent and if there is how to configure zimbra to stop this from happening.
    You most likely have a compromised account, start by taking a look at some of the threads on the subject: site:zimbra.com +"compromised account" - Yahoo! Search Results
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #13
    jgamigo is offline Junior Member
    Join Date
    Sep 2011
    Posts
    5
    Rep Power
    3

    Default

    Especulo que todo el problema se debe a que esos mails provienen de alguna dirección dentro de la red de confianza (fijate en la configuración del servidor o general). En ese caso obviamente el mail va a ser enviado.
    Slds

  4. #14
    jgamigo is offline Junior Member
    Join Date
    Sep 2011
    Posts
    5
    Rep Power
    3

    Default

    Igualmente, dale un vistazo a este post [SOLVED] How force user auth to sending mail
    Slds

Page 2 of 2 FirstFirst 12

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 2
    Last Post: 03-30-2011, 10:32 PM
  2. sms zimlet troubleshooting
    By switchnetworks in forum Zimlets
    Replies: 19
    Last Post: 09-09-2009, 04:37 AM
  3. server dropped connection
    By ferra in forum Installation
    Replies: 20
    Last Post: 10-06-2008, 04:32 PM
  4. need advice on configuring zimbra to work with fax server
    By pheonix1t in forum Administrators
    Replies: 0
    Last Post: 07-11-2007, 07:46 PM

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •