Page 2 of 2 FirstFirst 12
Results 11 to 17 of 17

Thread: Security phishing problem with zimbra

  1. #11
    Join Date
    Oct 2007
    Posts
    5
    Rep Power
    8

    Default

    Hello, ¿do you know, when this problem will be resolve? ¿In the next version of zimbra?

    Thanks

  2. #12
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Quote Originally Posted by xusnbb View Post
    Hello, ¿do you know, when this problem will be resolve? ¿In the next version of zimbra?
    I guess it won't be looked at until someone files a bug report in bugzilla but as this is an RFC requirement then I doubt very much if we will do anything about it.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #13
    Join Date
    Jul 2007
    Location
    San Jose, CA
    Posts
    1,027
    Rep Power
    10

    Default

    Quote Originally Posted by xusnbb View Post
    Hello, ¿do you know, when this problem will be resolve? ¿In the next version of zimbra?

    Thanks
    Señor,

    Según los respuestos de gente de la companía Zimbra, este situación no es un problema del software Zimbra. Hay algunos regulaciones sobre los funciones de email que necesicitan seguir, y según éstes regulaciones un server SMTP se requiere acceptar cualquier mensaje por un recipiente que tiene cuenta valido en el "domain." Por eso, no es posible cambiar.

    Yo hice algunos pruebas ayer y no es posible enviar un mensaje a OTRO "domain" con esto método; por este razón no es un verdadero relay abierto. Realmente el único problema posible es que los recipientes dentro de su "domain" pensarán que el mensaje viene de alguien otro dentro de su domain; en cualquier caso el mensaje se pasará cuando el recipiente tiene cuenta valido.

    Espero que este le hace mas claro el situación.

    Saludos,

    Daniel

  4. #14
    Join Date
    Oct 2007
    Location
    Brazil
    Posts
    88
    Rep Power
    8

    Default

    Hello

    I agree that this is not a problem with Zimbra and that can be done in most SMTP servers, but a nice way to solve is to enable SPF verification on the SMTP server, with that enabled this message will originate from the IP address of the user trying to spoof the email address and will be caught by the SPF verification because that IP wont be permited to send emails for that domain.

    Hope that helps

    []s

  5. #15
    Join Date
    Oct 2007
    Posts
    5
    Rep Power
    8

    Default

    Hello Bonadio , can you help me to activate SPF in zimbra¿?

    What can i active SPF¿?

    Thanks Bonadio

  6. #16
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Check this wiki article, there really isn't much to do for activation. There's also a couple of mentions in the forums about SPF, please search.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  7. #17
    Join Date
    Oct 2007
    Location
    Brazil
    Posts
    88
    Rep Power
    8

    Default

    Hello xusnbb

    The SPF is activated in the POSTFIX its not part of Zimbra, take a look
    in this howto that can help you enable in your server

    How To Implement SPF In Postfix | HowtoForge - Linux Howtos and Tutorials

    Regards

    []s

Similar Threads

  1. QUE Failure
    By tbullock in forum Administrators
    Replies: 31
    Last Post: 07-30-2008, 01:17 PM
  2. Zimbra server crashed
    By goetzi in forum Administrators
    Replies: 6
    Last Post: 03-25-2006, 01:00 PM
  3. port 7071 not listening OS X install
    By leeimber in forum Installation
    Replies: 7
    Last Post: 03-21-2006, 10:47 AM
  4. Zimbra Processor Output
    By UltraFlux in forum Installation
    Replies: 3
    Last Post: 02-01-2006, 08:23 AM
  5. Mail logs
    By Rick Baker in forum Installation
    Replies: 8
    Last Post: 01-17-2006, 04:33 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •