amavis - Open relay? Nonlocal recips but not originating:

blueflametuna · Post by **blueflametuna** » Tue Mar 08, 2011 1:17 pm

(Sorry for the dupe. I received a "database error" when posting the first one.)
Greetings,
I recently upgraded from 5.0.21 to 6.0.10 (Open Source).

I noticed a lot of these in the zimbra.log file:
Open relay? Nonlocal recips but not originating: ...
I tested with the Open Relay testers, and the server seems to be OK.

But the messages are still of concern.
Did the customary searches and found this:
http://www.zimbra.com/forums/administra ... a-log.html
Not sure if this actually resolves the problem.
Tha amavis list mentioned something about a new warning message with amavisd-new-2.6.4 and settings for "mynetworks" and "originating" ...

(Reference: [url=Old Nabble - Amavis - Open relay, non local recip, mail aliasing and forwarding[/url])
Is there something I missed in the configuration that was either not preserved in the Zimbra upgrade? Is this something new?
Thanks for your time.
Jim

blueflametuna · Post by **blueflametuna** » Wed Mar 09, 2011 11:52 am

I went to examine the settings for the server in the Admin GUI ...

Servers -> -> Edit
and received a Server error pop-up:
! Server error encountered
(Detail):
Message: system failure: exception during auth {RemoteManager: mymail.com->zimbra@mymail.com:22}
But that's another thread ...
Under MTA, the Web mail MTA hostnames is FQDN [mail.mymail.com]

and the list of MTA trusted networks appears correct.
The display is partially broken. It looks like there is a button for [Remove]?

but it is overwritten with another button for [Reset to Global value].

(Cosmetics only, but just noting it.)
Under the Global Settings -> MTA tab, the Web mail MTA Hostnames value is the same as above.
Should this match what is returned by `hostname -f` ?

John Siu · Post by **John Siu** » Wed Mar 09, 2011 9:23 pm

I assume you are running single server. If so set it to localhost.
Details:

http://www.zimbra.com/forums/administra ... a-log.html

blueflametuna · Post by **blueflametuna** » Thu Mar 10, 2011 10:55 am

I set it to localhost, and I am still receiving the errors.

John Siu · Post by **John Siu** » Thu Mar 10, 2011 11:00 am

Error from your top post or your 2nd post? Need a bit more details.

blueflametuna · Post by **blueflametuna** » Thu Mar 10, 2011 11:10 am

Mar 10 09:08:34 mymail amavis[32600]: (32600-03) Open relay? Nonlocal recips but not originating: user@somewhere.net
I am receiving one for every outbound message.

John Siu · Post by **John Siu** » Thu Mar 10, 2011 1:15 pm

Is the email being sent from web client or from a email program (outlook, etc.) ?
In Admin GUI, under:

Global Settings -> MTA

Server Settings -> MTA

What are the setting for "MTA Trusted Networks"?

blueflametuna · Post by **blueflametuna** » Thu Mar 10, 2011 1:52 pm

Connections are coming from Web mail client, pop, and imap.
Under Servers -> -> Edit -> MTA ...
MTA Trusted Networks: 127.0.0.0/8 my.ip.addr.0/21 10.110.6.0/24

blueflametuna · Post by **blueflametuna** » Fri Mar 11, 2011 7:17 pm

One difference I found in the new version of amavis 2.6.4 is this feature:
$policy_bank{'MYNETS'} = {

originating => 1,

allow_disclaimers => 0,

log_level => 1,

};
I am not sure what I need to do to eliminate these warnings.

blueflametuna · Post by **blueflametuna** » Fri Mar 11, 2011 10:38 pm

I received some help from the new and improved list at amavis.org
The warnings are new to 2.6.4
I needed to set @mynetworks in amavis.conf.
This stopped the warnings for users connecting through the known networks.

But they still display under at least these situations:
* Authenticated users connecting via web client, pop, or imap from outside the network and sending to outside addresses.
* Inbound emails from outside being sent to valid users with forwarding addresses, which then get relayed outbound.
There may be other scenarios, but this cleans it up a lot.