Results 1 to 9 of 9

Thread: [SOLVED] Zimbra default settings for mail headers rewrite

  1. #1
    Join Date
    Feb 2010
    Posts
    7
    Rep Power
    5

    Default [SOLVED] Zimbra default settings for mail headers rewrite

    Hello,

    When email is received with badly formed From/To headers:
    Code:
    From: an evil spammer@spam.com
    To: me
    it is rewritten the following way:
    Code:
    From: an@$mydomain, evil@$mydomain, spammer@spam.com
    To: me@$mydomain
    which is very confusing for the person receiving such email.

    Zimbra default setting for postfix headers rewrite seems very reasonable and should not allow this:
    Code:
    local_header_rewrite_clients = permit_mynetworks,permit_sasl_authenticated
    The problem is that this setting does not work!
    When incoming email scanned with amavis it gets reinjected to postfix from 127.0.0.1 source address, which falls under permit_mynetworks criterium.

    As a workaround I completely disabled From/To headers rewrite:
    Code:
    local_header_rewrite_clients =
    Is there any more elegant way to resolve this issue?
    Is it a bug?

    PS: Zimbra version - ZCS 6.0.5 open source

    Thank you,
    Ivan.
    Last edited by ivan78; 03-05-2010 at 01:20 AM.

  2. #2
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Welcome to the forums

    How does that effect things ? as the SPAM email should be rejected before being injected back in by LMTP.

  3. #3
    Join Date
    Feb 2010
    Posts
    7
    Rep Power
    5

    Default

    Thanks.

    Are you sure all spam emails are rejected by spam filter? If that was true there would not be such problem in the world as SPAM. :-)
    This issue bothers me because my users receiving spam messages as if they were sent from my email server.

    Ivan.

  4. #4
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    I understand where you are coming from but that would be no different than a spam coming through as
    Code:
    From: me@$mydomain
    To: me@$mydomain
    Are you blocking those as well ? You could add
    Code:
    smtpd_recipient_restrictions =  reject_non_fqdn_sender

  5. #5
    Join Date
    Feb 2010
    Posts
    7
    Rep Power
    5

    Default

    Quote Originally Posted by uxbod View Post
    I understand where you are coming from but that would be no different than a spam coming through as
    Code:
    From: me@$mydomain
    To: me@$mydomain
    Are you blocking those as well ?
    Let me explain my point again.
    Yes, spamers can send emails from @$mydomain, but from my experience:
    - they prefer not to do it because they aware of sender verification, such as SPF and DKIM
    - if they do it, i know how to deal with that issue

    I'm dealing with a case when spamer, not qualified enough to compose valid email template, sending me spam with malformed From: header. This is not a single case, this happens on daily basis.
    That's why I'm asking for help. And my question is - how to make Zimbra not to rewrite malformed From: header to multiple addresses from my domain.

    Quote Originally Posted by uxbod View Post
    You could add
    Code:
    smtpd_recipient_restrictions =  reject_non_fqdn_sender
    This check is enabled, but it is related to envelope from, not From: header.

    Thank you,
    Ivan.

  6. #6
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Okay; I would file a RFE on this one. I believe the better approach would to be use something like
    Code:
    local_header_rewrite_clients = permit_sasl_authenticated, check_address_map hash:/opt/zimbra/conf/postfix_interfaces.cf
    And in the .cf just have the primary IP address of the server and not the loopback. Great catch

  7. #7
    Join Date
    Feb 2010
    Posts
    7
    Rep Power
    5

    Default

    Well, after some researching I found a proper way to fix my problem.
    Amavis injects scanned email back to postfix via special smtpd instance, listening on localhost:100025, which has its own set of configuration parameters.

    I've just added
    Code:
    -o local_header_rewrite_clients=
    at the bottom of master.cf.in and restarted the postfix.

    I guess this should be enabled by default.
    How this can be done? Please advise.

    Ivan.

  8. #8
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Please file a RFE and people will be able to vote for it (and say it is a bug).

  9. #9
    Join Date
    Feb 2010
    Posts
    7
    Rep Power
    5

Similar Threads

  1. Replies: 15
    Last Post: 11-24-2009, 07:46 AM
  2. [SOLVED] Clamav problem ? What's happening ?
    By aNt1X in forum Installation
    Replies: 23
    Last Post: 02-14-2008, 04:43 AM
  3. Can't start Zimbra!
    By zibra in forum Administrators
    Replies: 5
    Last Post: 03-22-2007, 11:34 AM
  4. huge log size
    By rmvg in forum Administrators
    Replies: 5
    Last Post: 01-02-2007, 09:39 AM
  5. Zimbra server crashed
    By goetzi in forum Administrators
    Replies: 6
    Last Post: 03-25-2006, 12:00 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •