Zimbra Forums

Hello,
I came across strange problem with open relay on Release 8.8.8_GA_2009.RHEL7_64_20180322150747 RHEL7_64 FOSS
I installed new Zimbra server, made some changes in web administration console, changed MTA trusted network to our VLAN's IP ranges. Everything works as it should.
Today i started to test if our server is not working as open relay form internet.
I made telnet to mail server from internet on tcp port 25 and then HELO mydomain.com
mail from: someadrss@notmydomain.com
rcpt to: someadress@somedomain.com then i get Relay access denied - that is good
Then i tested with:
telnet to mail server on tcp port 25 and then HELO mydomain.com
mail from: someadress@notmydomain.com
rcpt to: me@mydomain.com then i get 250 2.1.5 Ok response
And if i entered all other commands from telnet mail was successfully delivered.
Strange, system acts as half of open relay
I have tested this on 2 Zimbra mail servers Release 8.8.8 and i found same behaviour.
Is this normal for zimbra server? Or is something wrong configured on default configuration of postfix?

Best regards,

lukax12 wrote:Hello,
I came across strange problem with open relay on Release 8.8.8_GA_2009.RHEL7_64_20180322150747 RHEL7_64 FOSS
I installed new Zimbra server, made some changes in web administration console, changed MTA trusted network to our VLAN's IP ranges. Everything works as it should.
Today i started to test if our server is not working as open relay form internet.
I made telnet to mail server from internet on tcp port 25 and then HELO mydomain.com
mail from: someadrss@notmydomain.com
rcpt to: someadress@somedomain.com then i get Relay access denied - that is good
Then i tested with:
telnet to mail server on tcp port 25 and then HELO mydomain.com
mail from: someadress@notmydomain.com
rcpt to: me@mydomain.com then i get 250 2.1.5 Ok response
And if i entered all other commands from telnet mail was successfully delivered.
Strange, system acts as half of open relay
I have tested this on 2 Zimbra mail servers Release 8.8.8 and i found same behaviour.
Is this normal for zimbra server? Or is something wrong configured on default configuration of postfix?

Best regards,

Doesn't the second telnet session just mimic normal inbound mail flow from other mail servers (assuming "me@mydomain.com" is a mailbox on your Zimbra server)?

Don't you want your Zimbra server to accept mail for local users from the Internet?

Maybe I'm reading this wrong...

All the best,
Mark