This is my first thread. I have Zimbra configured as the primary email server with valid DNS & MX records. I have not configured it as an open relay. But I can still see a lot of emails from/to the domain "yahoo.com.tw" being relayed from my Zimbra server. I have no idea about this and need to stop this relaying immediately. I have not allowed anyone to relay. Please go through the information given below and suggest.
System config -
Zimbra 6.0.2 community edition
Red Hat Enterprise Linux 5
CPU - 4
RAM - 4 GB
HDD - 500 GB
NIC Cards - 1
IP address - 192.168.xx.yyy/20
DNS - 192.168.xx.yyy/20 (same machine)
My firewall's internal NIC address is a part of the same subnet as that of the Zimbra server. I am using my firewall in NAT mode and have mapped a public ip address to internal private ip address of Zimbra server.
Troubleshooting done so far -
I have tried a few suggestions found in existing threads, like -
MTA trusted networks - 127.0.0.0/8 192.168.xx.0/20
was modified as
MTA trusted networks - 127.0.0.0/8 192.168.xx.yyy/32
After that, the OPEN RELAY action stopped, but as a side effect all incoming email traffic stopped. This forced me to revert the changes.
CURRENT STATUS -
I have now managed to reduce the number of these relayed spam emails by using my hardware firewall policies. But (1) I need to eliminate them completely. (2) The open relay action has to be stopped ASAP.
Thanks in advance
Have a nice day !
Team Leader - Technical
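
A diagnostic for the situation described in the post, added here as an example and not part of the original post: it reads Postfix-style MTA log lines (Zimbra's MTA is Postfix), finds delivered messages where neither sender nor recipient is a local domain, and reports the client address they arrived from and whether the trusted-networks list admits that address. The networks, local domain, addresses and log lines are all constructed placeholders.

```python
import ipaddress
import re
from collections import defaultdict

# Constructed placeholders; substitute the server's own trusted networks and domains.
TRUSTED = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "10.0.16.0/20")]
LOCAL_DOMAINS = {"example.com"}

# Constructed log lines in the usual Postfix smtpd/qmgr/smtp layout.
SAMPLE_LOG = """\
Oct  1 10:00:01 mail postfix/smtpd[2101]: A1B2C3D4E5: client=unknown[10.0.16.1]
Oct  1 10:00:01 mail postfix/qmgr[1990]: A1B2C3D4E5: from=<abc@yahoo.com.tw>, size=2048, nrcpt=1 (queue active)
Oct  1 10:00:03 mail postfix/smtp[2150]: A1B2C3D4E5: to=<xyz@yahoo.com.tw>, relay=mx.example.net[203.0.113.9]:25, delay=2, status=sent (250 ok)
Oct  1 10:01:10 mail postfix/smtpd[2102]: F6E5D4C3B2: client=pc7.example.com[10.0.17.40]
Oct  1 10:01:10 mail postfix/qmgr[1990]: F6E5D4C3B2: from=<alice@example.com>, size=900, nrcpt=1 (queue active)
Oct  1 10:01:12 mail postfix/smtp[2151]: F6E5D4C3B2: to=<bob@example.org>, relay=mx.example.org[198.51.100.7]:25, delay=2, status=sent (250 ok)
"""

LINE = re.compile(r"postfix/(\w+)\[\d+\]: ([0-9A-F]+): (.*)")

def domain(addr):
    return addr.rsplit("@", 1)[-1].lower()

def find_foreign_relays(log_text):
    """Return {client_ip: count} for mail sent out with no local sender or recipient."""
    msgs = defaultdict(dict)   # queue id -> fields seen so far
    hits = defaultdict(int)
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        daemon, qid, rest = m.groups()
        if daemon == "smtpd" and (c := re.match(r"client=\S*\[([^\]]+)\]", rest)):
            msgs[qid]["client"] = c.group(1)
        elif daemon == "qmgr" and (f := re.match(r"from=<([^>]*)>", rest)):
            msgs[qid]["from"] = f.group(1)
        elif daemon == "smtp" and "status=sent" in rest and (t := re.match(r"to=<([^>]*)>", rest)):
            msg = msgs[qid]
            foreign = {domain(msg.get("from", "")), domain(t.group(1))}.isdisjoint(LOCAL_DOMAINS)
            if foreign and "client" in msg:
                hits[msg["client"]] += 1
    return dict(hits)

def is_trusted(ip):
    return any(ipaddress.ip_address(ip) in net for net in TRUSTED)

if __name__ == "__main__":
    for ip, n in find_foreign_relays(SAMPLE_LOG).items():
        print(f"{ip}: {n} foreign relay(s), admitted by trusted networks: {is_trusted(ip)}")
```

If every flagged message shows the same internal client address, that address is what the MTA sees for the external connections. On Zimbra, mail re-injected after content filtering may appear under a new queue ID with client 127.0.0.1, so trace such entries back to the original queue ID.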