How to enable SMTP Auth

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Sumi
Posts: 8
Joined: Mon Aug 26, 2019 9:37 am

Re: How to enable SMTP Auth

Post by Sumi »

Same issue here on the latest version & I could swear it wasn't used to be like this..

I can send mail from user1@domain.com to user2@domain com via port 25, even if user1@domain.com doesn't exist (doesn't have a mailbox or anything, so any string I put instead of user1 will be able to send email to user2@domain.com).

Also if I try it from the internal network, I basicly have an open relay, as anyuser@domain.com (even if it doesn't exist) is able to send email to *@*.* over port 25.. wtf.

EDIT: Okay, the second one was my bad.. I had "zimbraMtaMyNetworks" set to the internal network(s).. But still anyone can send from anyuser1@domain.com to anyuser2@domain.com (doesn't matter where I connect from or if anyuser1 even exists or not)
phoenix
Ambassador
Ambassador
Posts: 27272
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

Re: How to enable SMTP Auth

Post by phoenix »

How about starting with this article: https://wiki.zimbra.com/wiki/Rejecting_ ... _addresses

You should also read some of the other wiki articles on Zimbra security and some of the forum threads.
Regards

Bill

Rspamd: A high performance spamassassin replacement

Per ardua ad astra
User avatar
wentum
Advanced member
Advanced member
Posts: 53
Joined: Fri Apr 04, 2014 10:49 am
Location: Pforzheim (Germany)
ZCS/ZD Version: Release 9.0.0.GA.3924 _P30
Contact:

Re: How to enable SMTP Auth

Post by wentum »

It is generally still as Bill said here: viewtopic.php?f=15&t=59829#p292661

But let me go a bit further and add "it feels responsible for'.
Meaning, if you configured 'mydomain.com' as a domain in your zimbra, it will take emails from any sender address whatever domain for any recipient adress at 'mydomain.com' on port 25. As long as this recipient address exists and you didn't configure other restrictions...

Regards
Joerg
Sumi
Posts: 8
Joined: Mon Aug 26, 2019 9:37 am

Re: How to enable SMTP Auth

Post by Sumi »

phoenix wrote:How about starting with this article: https://wiki.zimbra.com/wiki/Rejecting_ ... _addresses

You should also read some of the other wiki articles on Zimbra security and some of the forum threads.

Thank you very much! Appreciate it.
Sumi
Posts: 8
Joined: Mon Aug 26, 2019 9:37 am

Re: How to enable SMTP Auth

Post by Sumi »

phoenix wrote:How about starting with this article: https://wiki.zimbra.com/wiki/Rejecting_ ... _addresses

You should also read some of the other wiki articles on Zimbra security and some of the forum threads.
Also sorry for the stupid question, but is there a way to require users to authenticate on port 25 if and only if the mail from: address is one of the zimbra domains (user@mydomain.com)?
I understand that they can only send emails to the "outside world" if they have authenticated, but intra-domains (user1@mydomain.com -> user2@mydomain.com) it still goes through if user1 and user2 exists (thanks once again for your previous post, as now at least it doesn't go through if user1 doesn't exist:)).
I know that in an ideal world users won't connect to port 25, but in reality they're able to (Even if I filter all the LAN's, they can connect on port 25 when they're connecting from a WAN address).
Linka
Posts: 1
Joined: Mon Apr 18, 2022 1:44 pm

Re: How to enable SMTP Auth

Post by Linka »

Post Reply