Results 1 to 5 of 5

Thread: does the default installtion of zimbra's postfix open relay ?

  1. #1
    Join Date
    Nov 2006
    Posts
    50
    Rep Power
    8

    Default does the default installtion of zimbra's postfix open relay ?

    in default installtion of zimbra,when i use x-scan tool scanning the machine for security problem ,this tool report that the postfix is open-relayed.

    then i test it by this manal.
    #telnet 192.168.1.8 25
    i can not see the auth method of the postfix.

    i am not sure why this is happend.

    does the default installtion of zimbra's postfix really open-relayed?

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    No, it isn't an open relay - that wouldn't be a very good selling point would it? Search google for some of the open releay test sites and try them.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    Join Date
    Nov 2005
    Location
    London, ON
    Posts
    255
    Rep Power
    9

    Default

    Zimbra doesn't required the AUTH mechanism are you on the same local LAN as the Zimbra server.
    Last edited by phoenix; 11-07-2006 at 11:09 PM.

  4. #4
    Join Date
    Nov 2006
    Posts
    50
    Rep Power
    8

    Default

    when i tested the server ,i saw something like this:

    c:>telnet 192.168.1.10 25
    Code:
    220 centos.test.org ESMTP Postfix
    ehlo centos.test.org
    250-centos.test.org
    250-PIPELINING
    250-SIZE 10240000
    250-VRFY
    250-ETRN
    250-STARTTLS
    250 8BITMIME
    mail from:<test@abc.com>
    250 Ok
    rcpt to:<nxzwwt1@21cn.com>
    250 Ok
    data
    354 End data with <CR><LF>.<CR><LF>
    test
    test
    test spam.
    .
    250 Ok: queued as 2E2315644E4
    the email address test@abc.com does not exist,i am sure the email address nxzwt1@21cn.com received the test mail.

    did this show that my server is openrelayed?

    postfix has configed for sasl_auth,why the ehlo command not show that ?why i can not see:

    250 auth xxxxxx

  5. #5
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    Just to reiterate the two posts earlier. Zimbra isn't an open relay - search google for some of the open relay test sites.

    If you are on the same local LAN as the zimbra server it doesn't need authentication. You test shows nothing other than the fact you connected to the serevr and sent an email. That's not an open relay test. If you want to test your server, I'll say it again, search google for some of the open relay test sites.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Similar Threads

  1. Replies: 45
    Last Post: 11-28-2007, 05:39 PM
  2. Error message in Server status
    By Max Ma in forum Installation
    Replies: 20
    Last Post: 04-19-2007, 08:55 AM
  3. perdition won't start after 4.5 Upgrade
    By freeformz in forum Administrators
    Replies: 1
    Last Post: 01-29-2007, 06:39 PM
  4. Zimbra acts as open relay by default?
    By lilwong in forum Administrators
    Replies: 2
    Last Post: 06-21-2006, 09:09 PM
  5. The mailbox and mta dies in FC4 GA version
    By meikka in forum Installation
    Replies: 72
    Last Post: 03-16-2006, 04:30 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •