Hi,

This is my first thread. I have Zimbra configured as the primary email server with valid DNS & MX records. I have not configured it as an open relay. But I can still see a lot of emails from/to the domain "yahoo.com.tw" being relayed from my Zimbra server. I have no idea about this and need to stop this relaying immediately. I have not allowed anyone to relay. Please go through the information given below and suggest.

System config -

Software -
Zimbra 6.0.2 community edition
Red Hat Enterprise Linux 5

Hardware -
CPU - 4
RAM - 4 GB
HDD - 500 GB

Network -
NIC Cards - 1
IP address - 192.168.xx.yyy/20
DNS - 192.168.xx.yyy/20 (same machine)

My firewall's internal NIC address is part of the same subnet as that of the Zimbra server. I am using my firewall in NAT mode and have mapped a public IP address to the internal private IP address of the Zimbra server.

Troubleshooting done so far -

I tried a few suggestions found in existing threads, like -

MTA trusted networks - 127.0.0.0/8 192.168.xx.0/20

was modified as

MTA trusted networks - 127.0.0.0/8 192.168.xx.yyy/32

After that, the OPEN RELAY action was stopped, but as a side effect all incoming email traffic was stopped. This forced me to revert the changes.

CURRENT STATUS -

I have now managed to reduce the number of these relayed spam emails by using my hardware firewall policies. But (1) I need to eliminate them completely. (2) The open relay action has to be stopped ASAP.

PLEASE SUGGEST.

Thanks in advance

Have a nice day !

Milind Patil

Team Leader - Technical