Hi all,
We have a simple configuration where our Zimbra MTA has an external relayhost configured, with option zimbraMtaDnsLookupsEnabled FALSE, so everything it receives is sent to its relayhost. This is ok and works perfectly. However, there are some internal machines sending mails by crontabs and daemons (the typical 'root@machine.domain.com'), and we want our MTA to stop relaying this emails and, either catch them or discard them.
If we activate zimbraMtaDnsLookupsEnabled to TRUE, we will prevent this, but also Zimbra MTA will stop relaying emails to its relay server and will send them directly to the corresponding MX record found of each domain, so this is not valid.
Also, it is not feasible to create a domain for each machine name...
All our machines are configured to use our Zimbra MTA server as relayhost.
Any idea of how can we prevent this internal emails being relayed to external relay server configured in Zimbra?
Thanks in advance!
Relaying internal root@<machinename> emails
-
ribanezsitu
- Posts: 2
- Joined: Tue Mar 07, 2017 8:45 am
-
liverpoolfcfan
- Elite member
- Posts: 1112
- Joined: Sat Sep 13, 2014 12:47 am
Re: Relaying internal root@<machinename> emails
Easiest way might be to make sure their delivery address is local. If you edit the crontab on the sending machine/account using
and add a MAILTO and MAILFROM at the top of the file then these email addresses will be used for the sender and recipient of the cron emails. So, for example if your dmain is mydomain.com - then either create a new account to receive all the reports or direct them to an existing one.
Code: Select all
crontab -e Code: Select all
MAILTO=myreportsaccount@mydomain.com
MAILFROM=myreportsaccount@mydomain.com
*/2 * * * * /usr/bin/php /usr/share/osticket/api/cron.php
-
liverpoolfcfan
- Elite member
- Posts: 1112
- Joined: Sat Sep 13, 2014 12:47 am
Re: Relaying internal root@<machinename> emails
... additionally you can add an alias for root on any of the servers to direct the email to your chosen reports email address.
By editing /etc/aliases
and adding
and then running
after updating the aliases file.
By editing /etc/aliases
and adding
Code: Select all
root: myreportsaccount@mydomain.com
Code: Select all
newaliases
-
ribanezsitu
- Posts: 2
- Joined: Tue Mar 07, 2017 8:45 am
Re: Relaying internal root@<machinename> emails
Thanks for the reply!
Even though we could reconfigure all our servers, the idea is to configure Zimbra to stop all these internal emails.
I've been checking options like:
- Rejecting false "mail from" addresses (https://wiki.zimbra.com/wiki/index.php?curid=20383)
or
- Enforcing a match between FROM address and sasl username (https://wiki.zimbra.com/wiki/Enforcing_ ... ername_8.5)
However, none of them are valid for us since the servers sending those emails are inside our MTA trusted networks.
Isn't any other Zimbra option to reject emails from invalid FROM domains or similar?
Thanks!
R.
Even though we could reconfigure all our servers, the idea is to configure Zimbra to stop all these internal emails.
I've been checking options like:
- Rejecting false "mail from" addresses (https://wiki.zimbra.com/wiki/index.php?curid=20383)
or
- Enforcing a match between FROM address and sasl username (https://wiki.zimbra.com/wiki/Enforcing_ ... ername_8.5)
However, none of them are valid for us since the servers sending those emails are inside our MTA trusted networks.
Isn't any other Zimbra option to reject emails from invalid FROM domains or similar?
Thanks!
R.