I need to block email that come from port 25 ( SMTP ) when they suppose a sender address that exists in my domain. I received spam email to my domain users requesting bitcon etc...
Surprisingly by default Zimbra doesn't require authentication for email incoming at SMTP when the sender is one of the configured zimbra domain.
For example if I know one email address of your domain I can send email to this account Inbox to itself or other users in the domain.
To test this is easy, suppose mail.example.com your domain and email@example.com is the known email by attacker/spammer:
telnet example.com 25
Now you can send email to firstname.lastname@example.org from email@example.com as well.
I would to force authentication through 465 port and block incoming SMTP request when sender is one of domain @example.com.
How to do that ?
- Zimbra Collaboration 9.0.0 now available. Read the release notes.
- Zimbra Collaboration 8.8.15 LTS now available. Read the release notes.
- Are you a Zimbra Developer? You can find some interesting stuff in our Official GitHub, Blog and the Community Github.
- Zimbra is Open Source! Read the FAQ. You can also contribute and build binary from source!
Discuss your pilot or production implementation with other Zimbra admins or our engineers.
2 posts • Page 1 of 1
Found from the following Zimbra wiki ( https://wiki.zimbra.com/wiki/Enforcing_ ... ername_8.5 ) ; I would suggest to insert some words such as "force smtp auth" because I didn't find it at first from follow search ( https://wiki.zimbra.com/index.php?searc ... +smtp+auth )
Who is online
Users browsing this forum: No registered users and 12 guests