Hi new installation of zimbra here
Release 8.6.0_GA_1153.RHEL7_64_20141215151110 RHEL7_64 FOSS edition.
im having an issue with the setup my server acts as an open relay when i telnet from an outside of my network
my setup is ppp on a mikrotik router and i have zimbra behind nat
so when i set up my trusted networks as 12.0.0.0/8 and localnetworkip/24
zimbra allows everything from my mikrotik ( gateway ) to send mail without authentication
when setting my trusted networks as 12.0.0.0/8 and zimbraserverip/32
i can send mails i cant recieve anything
is there any way to fix this or even force postfix to require authentication even on the trusted networks ?
thanks
zimbra behind Mikrotik Nat acts as open relay
-
pkagiantas
- Posts: 1
- Joined: Tue Apr 25, 2017 11:34 am
-
Klug
- Ambassador
- Posts: 2761
- Joined: Mon Dec 16, 2013 11:35 am
- Location: France - Drôme
- ZCS/ZD Version: All of them
- Contact:
Re: zimbra behind Mikrotik Nat acts as open relay
https://wiki.zimbra.com/wiki/ZimbraMtaMyNetworks
BTW, you should not use 12.0.0.0/XX as private network, because it's not.
It belongs to AT&T: https://en.wikipedia.org/wiki/List_of_a ... ess_blocks
BTW, you should not use 12.0.0.0/XX as private network, because it's not.
It belongs to AT&T: https://en.wikipedia.org/wiki/List_of_a ... ess_blocks
Re: zimbra behind Mikrotik Nat acts as open relay
Hello friend, i has too problem but i discovered what is. This is black list and mydestination.
1st:
use zimbra user: su zimbra
use command: zmprov ms mail.nestozanesto.com zimbraMtaMyNetworks '127.0.0.0/8'
next command: zmcontrol restart
2nd:
In admin panel with port 7071 (exemple mail.nestozanesto.com:7071) go to Configure>Global Setings>MTA and in DNS Checks put only this:
List of Client RBLs: - zen.spamhaus.org
- psbl.surriel.com,
- b.barracudacentral.org,
- bl.spamcop.net
List of ClientRHSBLs: - dbl.spamhaus.org
- multi.surbl.org
- rhsbl.sorbs.net
List of Reverse RHSBLs: - dbl.spamhaus.org
List of Sender RHSBLs: - dbl.spamhaus.org
- rhsbl.sorbs.net
- dbl.spamhaus.org
(list: multi.uribl.com never put here! That will block all mails! Gmail, yahoo...)
Best regards!
1st:
use zimbra user: su zimbra
use command: zmprov ms mail.nestozanesto.com zimbraMtaMyNetworks '127.0.0.0/8'
next command: zmcontrol restart
2nd:
In admin panel with port 7071 (exemple mail.nestozanesto.com:7071) go to Configure>Global Setings>MTA and in DNS Checks put only this:
List of Client RBLs: - zen.spamhaus.org
- psbl.surriel.com,
- b.barracudacentral.org,
- bl.spamcop.net
List of ClientRHSBLs: - dbl.spamhaus.org
- multi.surbl.org
- rhsbl.sorbs.net
List of Reverse RHSBLs: - dbl.spamhaus.org
List of Sender RHSBLs: - dbl.spamhaus.org
- rhsbl.sorbs.net
- dbl.spamhaus.org
(list: multi.uribl.com never put here! That will block all mails! Gmail, yahoo...)
Best regards!
Re: zimbra behind Mikrotik Nat acts as open relay
The details of what's required in the MyNetworks is in the wiki article that's linked to in the post above yours and you're missing the LAN IP (at the least) of your Zimbra server.ognjen.it wrote:Hello friend, i has too problem but i discovered what is.
Re: zimbra behind Mikrotik Nat acts as open relay
It's better to write here than to seek a link on the link.phoenix wrote:ognjen.it wrote:The details of what's required in the MyNetworks is in the wiki article that's linked to in the post above yours and you're missing the LAN IP (at the least) of your Zimbra server.
My mail nice work with only 127.0.0.0/8, but i will listen to your advice and add one more address 10.10.16.2/32 (my private addres of zimbra server)
