Can send email to user via telnet from anywhere. Why?

[nektod]

Hi!

I've discovered that can send email to real users mailbox from anywhere without auth via telnet:

Code: Select all

open myzimbra.server.com 25
220 myzimbra.server.com ESMTP Postfix
helo myzimbra.server.com
250 myzimbra.server.com
mail from:<user1@server.com>
250 2.1.0 Ok
rcpt to:<user2@server.com>
250 2.1.5 Ok
data
250 2.0.0 Ok: queued as E90CC3E14E3

In zimbra.log:

Code: Select all

Jun 30 11:30:17 mail postfix/cleanup[131061]: 27F193E1B32: message-id=<20200630103011.27F193E1B32@myzimbra.server.com>
Jun 30 11:30:17 mail postfix/qmgr[131037]: 27F193E1B32: from=<user1@server.com>, size=343, nrcpt=2 (queue active)
Jun 30 11:30:17 mail amavis[118405]: (118405-06) ESMTP [127.0.0.1]:10024 /opt/zimbra/data/amavisd/tmp/amavis-20200630T131633-118405-9FRJEEKE: <user1@server.com> -> <user2@server.com> SIZE=343 Received: from  myzimbra.server.com ([127.0.0.1]) by localhost (myzimbra.server.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP; Tue, 30 Jun 2020 11:30:17
Jun 30 11:30:17 mail amavis[118405]: (118405-06) Checking: BVGVNeh714dP [my.external.ip] <user1@server.com> -> <user2@server.com>
Jun 30 11:30:22 mail postfix/amavisd/smtpd[636]: connect from localhost[127.0.0.1]
Jun 30 11:30:22 mail postfix/amavisd/smtpd[636]: 34A6C3E1B34: client=localhost[127.0.0.1]
Jun 30 11:30:22 mail postfix/cleanup[131053]: 34A6C3E1B34: message-id=<20200630103011.27F193E1B32@myzimbra.server.com>
Jun 30 11:30:22 mail amavis[118405]: (118405-06) BVGVNeh714dP FWD from <user1@server.com> -> <user2@server.com>, BODY=7BIT 250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 34A6C3E1B34
Jun 30 11:30:22 mail postfix/amavisd/smtpd[636]: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jun 30 11:30:22 mail postfix/qmgr[131037]: 34A6C3E1B34: from=<user1@server.com>, size=938, nrcpt=1 (queue active)
Jun 30 11:30:22 mail postfix/amavisd/smtpd[637]: connect from localhost[127.0.0.1]
Jun 30 11:30:22 mail postfix/amavisd/smtpd[637]: 375A43E1B35: client=localhost[127.0.0.1]
Jun 30 11:30:22 mail postfix/cleanup[131061]: 375A43E1B35: message-id=<20200630103011.27F193E1B32@myzimbra.server.com>
Jun 30 11:30:22 mail postfix/amavisd/smtpd[637]: disconnect from localhost[127.0.0.1] ehlo=1 mail=1 rcpt=1 data=1 quit=1 commands=5
Jun 30 11:30:22 mail postfix/qmgr[131037]: 375A43E1B35: from=<user1@server.com>, size=745, nrcpt=1 (queue active)
Jun 30 11:30:22 mail amavis[118405]: (118405-06) Passed CLEAN {RelayedInbound,RelayedOpenRelay}, [my.external.ip]:63906 [136.243.136.61] <user1@server.com> -> <user2@server.com>, Queue-ID: 27F193E1B32, Message-ID: <2
0200630103011.27F193E1B32@myzimbra.server.com>, mail_id: BVGVNeh714dP, Hits: 2.819, size: 343, queued_as: 34A6C3E1B34/375A43E1B35, 4639 ms
Jun 30 11:30:22 mail postfix/smtp[131055]: 27F193E1B32: to=<user2@server.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=41, delays=36/0/0/4.6, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 34A6C3E
1B34)

So, ZImbra thinks that email's sent from trusted network, localhost. But If I send email to another domain, it'll be blocked as relay access denied. Could you please tell why?

[phoenix]

Hi!

I've discovered that can send email to real users mailbox from anywhere without auth via telnet

That's what a mail server is for, it receives mail from anywhere and delivers it to a user. You can't implement authentication on port 25 otherwise you'd never receive mail from people - think about it. BTW, using telnet is no different than receiving an email from another server, as long as your server is not an open relay there's no problem with that.