Results 1 to 10 of 11

Thread: Sending mail on port 25 without authentication

Hybrid View

  1. #1
    Join Date
    Jun 2009
    Posts
    49
    Rep Power
    6

    Default Sending mail on port 25 without authentication

    I have set up a zimbra and configured outlook as the mail clients.

    I configured my account on outlook on a computer running on the LAN. I then changed the logon information(password) on outlook.

    When I open outlook, It asks me for the password. When I click cancel, I can still send mail from the configured account

    Does this mean that my zimbra server is an open relay on the LAN? If so, How do I stop this?

    I am using port 25 as the "outgoing server".

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Port 25 does not need authentication, your server is not an Open Relay (I assume you've checked this with an online test?). If you wish to use Authentication then you should use the correct Submission port with is 587 and does require Authentication.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    Join Date
    Jun 2009
    Posts
    49
    Rep Power
    6

    Default

    Phoenix,

    Thanks for the response. From external networks I am using port 465. this is working fine(my server is not an open relay).

    My concern is from the LAN. Can Any outlook masquarade themselves and send mail as if they were another user? Can Spambots running on my LAN use port 25?

  4. #4
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Quote Originally Posted by mutuku View Post
    Phoenix,

    Thanks for the response. From external networks I am using port 465. this is working fine(my server is not an open relay).
    You should use port 587, that is the correct port.

    Quote Originally Posted by mutuku View Post
    My concern is from the LAN. Can Any outlook masquarade themselves and send mail as if they were another user? Can Spambots running on my LAN use port 25?
    If you wish to restrict that you need to change the setting in mynetworks that limits the 'Trusted IPs' to the loopback adapter and the IP of the Zimbra server, there are several threads in the forums that have details on what's needed do a search for that.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  5. #5
    Join Date
    Jun 2009
    Posts
    49
    Rep Power
    6

    Default

    If you wish to restrict that you need to change the setting in mynetworks that limits the 'Trusted IPs' to the loopback adapter and the IP of the Zimbra server
    I setup that when I installed the server. My server has 2 network cards...one that is natted to a public IP(IPA), and the other the that connects to the LAN(IPB). All the IPs(IPA, IPB and the loopback) are in the MTA trusted networks list.

  6. #6
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Quote Originally Posted by mutuku View Post
    All the IPs(IPA, IPB and the loopback) are in the MTA trusted networks list.
    That is incorrect, you should not have the Public IP in there and only have the loopback and the NAT IP of the server in there otherwise you'll be opening up your server to be a relay.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  7. #7
    Join Date
    Jun 2009
    Posts
    49
    Rep Power
    6

    Default

    the public IP is not there(MTA trusted networks list). Just the LAN IPs of the 2 network cards of the server. The public IP is natted to one of the mail servers. LAN IPs.Both of the LAN IPs(IPs of the 2 netwotk cards) are MTA trusted networks list. Is this correct?

  8. #8
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Quote Originally Posted by mutuku View Post
    the public IP is not there(MTA trusted networks list). Just the LAN IPs of the 2 network cards of the server. The public IP is natted to one of the mail servers. LAN IPs.Both of the LAN IPs(IPs of the 2 netwotk cards) are MTA trusted networks list. Is this correct?
    That is the correct configuration and there should be no problem.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  9. #9
    Join Date
    Jun 2009
    Posts
    49
    Rep Power
    6

    Default

    I want to mail client access to port 25. Is this possible? I want to migrate to using port 587.

Similar Threads

  1. connection refused port 7025 - what is this?
    By pheonix1t in forum Administrators
    Replies: 4
    Last Post: 10-11-2011, 04:37 AM
  2. mta to not starting
    By cowanpf in forum Installation
    Replies: 2
    Last Post: 10-05-2009, 04:36 AM
  3. fresh install down may be due to tomcat
    By gon in forum Installation
    Replies: 10
    Last Post: 07-25-2007, 08:09 AM
  4. DynDNS and Zimbra
    By afterwego in forum Installation
    Replies: 30
    Last Post: 04-01-2007, 03:34 PM
  5. Seeming variety of problems on suse-9.1
    By Crexis in forum Installation
    Replies: 52
    Last Post: 03-03-2006, 11:19 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •