Zimbra open relay

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
lukax12
Posts: 1
Joined: Wed May 23, 2018 10:11 am

Zimbra open relay

Post by lukax12 »

Hello,
I came across strange problem with open relay on Release 8.8.8_GA_2009.RHEL7_64_20180322150747 RHEL7_64 FOSS
I installed new Zimbra server, made some changes in web administration console, changed MTA trusted network to our VLAN's IP ranges. Everything works as it should.
Today i started to test if our server is not working as open relay form internet.
I made telnet to mail server from internet on tcp port 25 and then HELO mydomain.com
mail from: someadrss@notmydomain.com
rcpt to: someadress@somedomain.com then i get Relay access denied - that is good
Then i tested with:
telnet to mail server on tcp port 25 and then HELO mydomain.com
mail from: someadress@notmydomain.com
rcpt to: me@mydomain.com then i get 250 2.1.5 Ok response
And if i entered all other commands from telnet mail was successfully delivered.
Strange, system acts as half of open relay
I have tested this on 2 Zimbra mail servers Release 8.8.8 and i found same behaviour.
Is this normal for zimbra server? Or is something wrong configured on default configuration of postfix?

Best regards,
User avatar
L. Mark Stone
Ambassador
Ambassador
Posts: 2796
Joined: Wed Oct 09, 2013 11:35 am
Location: Portland, Maine, US
ZCS/ZD Version: 10.0.6 Network Edition
Contact:

Re: Zimbra open relay

Post by L. Mark Stone »

lukax12 wrote:Hello,
I came across strange problem with open relay on Release 8.8.8_GA_2009.RHEL7_64_20180322150747 RHEL7_64 FOSS
I installed new Zimbra server, made some changes in web administration console, changed MTA trusted network to our VLAN's IP ranges. Everything works as it should.
Today i started to test if our server is not working as open relay form internet.
I made telnet to mail server from internet on tcp port 25 and then HELO mydomain.com
mail from: someadrss@notmydomain.com
rcpt to: someadress@somedomain.com then i get Relay access denied - that is good
Then i tested with:
telnet to mail server on tcp port 25 and then HELO mydomain.com
mail from: someadress@notmydomain.com
rcpt to: me@mydomain.com then i get 250 2.1.5 Ok response
And if i entered all other commands from telnet mail was successfully delivered.
Strange, system acts as half of open relay
I have tested this on 2 Zimbra mail servers Release 8.8.8 and i found same behaviour.
Is this normal for zimbra server? Or is something wrong configured on default configuration of postfix?

Best regards,

Doesn't the second telnet session just mimic normal inbound mail flow from other mail servers (assuming "me@mydomain.com" is a mailbox on your Zimbra server)?

Don't you want your Zimbra server to accept mail for local users from the Internet?

Maybe I'm reading this wrong...

All the best,
Mark
___________________________________
L. Mark Stone
Mission Critical Email - Zimbra VAR/BSP/Training Partner https://www.missioncriticalemail.com/
AWS Certified Solutions Architect-Associate
Post Reply