Results 1 to 10 of 20

Thread: Zimbra as filter/relay

Hybrid View

  1. #1
    Join Date
    Nov 2005
    Posts
    175
    Rep Power
    10

    Default Zimbra as filter/relay

    Hi, we've started deploying Zimbra servers in environments where they replace the existing mail server. It's been refreshing to have the beautiful web interface and also the increase in its ability to deal appropriately with spam over the solutions it has replaced. However, we also have some clients who aren't ready yet to part with their Exchange servers. In this case I'm wondering if at least as a first step, some of the improvements in spam detection and tracking could be had by putting the Zimbra server in front of the Exchange server as sort of a mail relay. With the postfix restriction that addresses must exist on the server in order to be accepted - that alone could cut down on the number of SMTP connections we're having to deal with. However, ideally, Zimbra would authenticate addresses on the domain without having to actually set the accounts up manually on Zimbra, and then it would pass the messages on to the Exchange server rather than storing them locally. Is this feasible?

  2. #2
    Join Date
    Nov 2006
    Posts
    177
    Rep Power
    9

    Default

    We are doing the same thing. I have a post in asking about the configuration rewriting that occurs when you restart Zimbra. However one of our clients is moving back to Exchange from Zimbra due to Outlook connector and mobile phone issues.

    Basically you will be changing the configuration of Postfix to act as a mail gateway for those domains still using Exchange. You can do this with a combination of relay_domains, relay_recipient_maps, and transport_maps.

    I believe the The Postfix Home Page site has examples of a mail gateway.

    I have it working (sans recipient auth) my problem is that the transport_maps parameter in main.cf is recreated each time postfix is restarted so I do not know how to make my changes stick.

    Let me know if I can be of further assistance. I am no mail expert by any means (I am not even and admin) but I have gotten this work.

  3. #3
    Join Date
    Nov 2005
    Posts
    175
    Rep Power
    10

    Default

    Well good, that's a first step.

    Anyone have a solution to the recipient authentication issue in this instance? Since Zimbra can authenticate with AD, can't Zimbra accept or deny a recipient address against AD, and then if it is accepted recognize that the account must exist (according to AD) but isn't local, and therefore redirect it to a specified mail host?

    dlochart - What were the Outlook connector and mobile sync problems? If you were only using Zimbra as an email gateway, why would you even be using the Outlook connector and mobile sync? Wouldn't you just leave that to Exchange, since Zimbra is only the gateway and doesn't even store any messages?
    Last edited by bjquinn; 10-10-2007 at 03:09 PM.

  4. #4
    Join Date
    Nov 2006
    Posts
    177
    Rep Power
    9

    Default

    Quote Originally Posted by bjquinn View Post
    Well good, that's a first step.

    Anyone have a solution to the recipient authentication issue in this instance? Since Zimbra can authenticate with AD, can't Zimbra accept or deny a recipient address against AD, and then if it is accepted recognize that the account must exist (according to AD) but isn't local, and therefore redirect it to a specified mail host?
    Not sure what you want here so I will stay out of it. I plan to implement relay_recipients ( a check to see that there is a valid recipient in the exchange server) before I send the mail on to the Exchange server but as far as authentication goes that is all done in Exchange.

    Quote Originally Posted by bjquinn View Post
    dlochart - What were the Outlook connector and mobile sync problems? If you were only using Zimbra as an email gateway, why would you even be using the Outlook connector and mobile sync? Wouldn't you just leave that to Exchange, since Zimbra is only the gateway and doesn't even store any messages?
    We moved this client from Exchange into Zimbra. Bad Move. They were used to OutLook and Exchange. No one used the web interface (except to get around Calendaring issues). The Outlook connector has lots of issues. So much so they decided to go back to Exchange. We still want to use the Zimbra MTA as a gateway for this client only. Our other clients (web users) are very happy.

    Microsoft products do not play well with non M$ products ... plain and simple.

  5. #5
    Join Date
    Nov 2005
    Posts
    175
    Rep Power
    10

    Default

    We moved this client from Exchange into Zimbra. Bad Move. They were used to OutLook and Exchange. No one used the web interface (except to get around Calendaring issues). The Outlook connector has lots of issues. So much so they decided to go back to Exchange. We still want to use the Zimbra MTA as a gateway for this client only. Our other clients (web users) are very happy.

    Microsoft products do not play well with non M$ products ... plain and simple.
    Ah, ok that makes more sense now.


    Quote Originally Posted by dlochart View Post
    Not sure what you want here so I will stay out of it. I plan to implement relay_recipients ( a check to see that there is a valid recipient in the exchange server) before I send the mail on to the Exchange server but as far as authentication goes that is all done in Exchange.
    Well, I don't actually want to "authenticate" as such (meaning verifying username AND password), I just want to verify that a user exists, and since Zimbra can hook up to AD (I believe), I would imagine this is possible, I just don't know how. Is that related to your relay_recipients thing? How does that work?
    Last edited by bjquinn; 10-10-2007 at 04:31 PM.

  6. #6
    Join Date
    Nov 2005
    Posts
    175
    Rep Power
    10

    Default

    Maybe you're way past this, but the following link seems helpful...

    Automatically Update Recipient Maps From Active Directory - Fairly-Secure Anti-Spam

Similar Threads

  1. Replies: 26
    Last Post: 04-19-2011, 10:24 AM
  2. [SOLVED] Spam Being Sent Thru Server - Help Needed!
    By msf004 in forum Administrators
    Replies: 22
    Last Post: 03-15-2008, 12:11 AM
  3. Zimbra shutdowns every n hours.
    By Andrewb in forum Administrators
    Replies: 13
    Last Post: 08-14-2007, 09:55 AM
  4. Monitoring : Data not yet avalaible
    By s3nz3x in forum Installation
    Replies: 7
    Last Post: 11-30-2005, 07:18 PM
  5. FC3 Install and no zimbra ?
    By aws in forum Installation
    Replies: 10
    Last Post: 10-09-2005, 05:19 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •