I have setup Zimbra to reject emails originating from users that are not logged in (spoofed emails).
I have this setup in /opt/zimbra/conf/domainrestrict
This has been working great (immediately cut spoofed emails).
I now have a need to "whitelist" a single email address that will always get caught by this configuration. The email originates from our website hosting system, but is sent on this email address' behalf. So to Zimbra, it appears to be a spoofed email address in the from field.
I tried adding this email address to /opt/zimbra/conf/postfix_recipient_access and setting it to "OK", but it seems to still get caught up and rejected.
What can I do to keep rejecting spoofed emails, but allow ones for a specific email address to come through?
Reject Not Logged In - Except For Single Address
-
tonster
- Zimbra Employee
- Posts: 313
- Joined: Fri Feb 21, 2014 10:14 am
- Location: Ypsilanti, MI
- ZCS/ZD Version: Release 8.7.0_GA_1659.RHEL6_64_2016
Re: Reject Not Logged In - Except For Single Address
Add the address to zimbraMtaMyNetworks.Something wrote:I have setup Zimbra to reject emails originating from users that are not logged in (spoofed emails).
I have this setup in /opt/zimbra/conf/domainrestrict
This has been working great (immediately cut spoofed emails).
I now have a need to "whitelist" a single email address that will always get caught by this configuration. The email originates from our website hosting system, but is sent on this email address' behalf. So to Zimbra, it appears to be a spoofed email address in the from field.
I tried adding this email address to /opt/zimbra/conf/postfix_recipient_access and setting it to "OK", but it seems to still get caught up and rejected.
What can I do to keep rejecting spoofed emails, but allow ones for a specific email address to come through?
Re: Reject Not Logged In - Except For Single Address
Unfortunately this is our hosting provider, and they seem to have many servers which mail may be sent from, and it varies and is subject to change.
Is there a way to do this without needing to whitelist an IP Address? I need to whitelist an email address.
Is there a way to do this without needing to whitelist an IP Address? I need to whitelist an email address.
Re: Reject Not Logged In - Except For Single Address
Any suggestions would be much appreciated.
Re: Reject Not Logged In - Except For Single Address
I have tried adding the service provider's IP addresses to zimbraMtaMyNetworks, however I think the list is too large and causes a timeout.
The error on every inbound email was:
Out: 451 4.3.0 Temporary lookup error
Session aborted, reason: lost connection
The IP address list is over 70+ IP addresses and ranges. This list may change in the future as well (which is why I was really hoping there was a way to specify an email address to whitelist, not ip addresses).
Is there another approach to this issue?
The error on every inbound email was:
Out: 451 4.3.0 Temporary lookup error
Session aborted, reason: lost connection
The IP address list is over 70+ IP addresses and ranges. This list may change in the future as well (which is why I was really hoping there was a way to specify an email address to whitelist, not ip addresses).
Is there another approach to this issue?