Threat of Mass Mailing Software
I am concerned about mass mailing software like Mail Boy 2004 being used to send unsolicited messages to my Zimbra mail server.
The default SMTP Authentication configuration does not seem to be enough to stop such software.
Is there anything which can be done to mitigate this threat?
Interesting results on further tests
After doing further tests, I came up with something very interesting:
There are two domains to which my Zimbra server sends mails directly, to their Mail Servers: ‘cse.domain.net’ and ‘domain.net’.
My domain is ‘security.domain.net’.
I used the following settings in Mail Boy from a system in a FOREIGN network (the network is not mentioned in the Postfix mynetworks parameter):
Use external SMTP server to deliver the results:
SMTP Server: Internal IP of my Zimbra server
Port: 25
Note that only the ‘Use external SMTP server to deliver the messages’ option is selected and that the SMTP server Authentication username and Password are not specified.
When trying to RELAY mails to standard internet domains like gmail, yahoo and rediff, I did receive a relay access denied message in the Zimbra logs and the mails did not go through. So far, good. This is the expected behaviour for relay attempts.
But interestingly, with the same settings, I was able to RELAY the mails to the domains which I have configured to send mails directly (cse.domain.net and domain.net) even though a valid username and password were not specified in the ‘This SMTP server requires Authentication’ section.
Hence, the anti-relay properties of Zimbra did not work on the domains for which Zimbra has been configured to deliver e-mails directly on their Mail Servers.
I believe this setup should not have worked until a valid username and password is specified for SMTP authentication.
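The test described in the post can be repeated without a mass mailer by sending only MAIL FROM and RCPT TO with no AUTH and recording the reply code per recipient domain. This is an added example, not code from the thread: the stub server is a constructed stand-in that only reproduces the replies reported above (it is not Zimbra's or Postfix's logic), and the addresses and function names are assumptions. Point `probe_unauth_rcpt` at your own server from a host outside `mynetworks` to run the real check.

```python
import smtplib
import socketserver
import threading

# Constructed stand-in that only reproduces the replies reported in the post:
# RCPT is accepted for the two directly delivered domains, refused otherwise.
DIRECT_DOMAINS = {"cse.domain.net", "domain.net"}

class StubSMTP(socketserver.StreamRequestHandler):
    def handle(self):
        self.wfile.write(b"220 stub ESMTP\r\n")
        for raw in self.rfile:               # loop ends when the client closes
            line = raw.decode("ascii", "replace").strip()
            verb = line[:4].upper()
            reply = "250 Ok"
            if verb == "RCPT":
                domain = line.rsplit("@", 1)[-1].rstrip(">").lower()
                if domain not in DIRECT_DOMAINS:
                    reply = "554 5.7.1 Relay access denied"
            elif verb == "QUIT":
                reply = "221 Bye"
            self.wfile.write(reply.encode("ascii") + b"\r\n")

def probe_unauth_rcpt(host, port, mail_from, recipients):
    """Return {recipient: reply code} for RCPT TO sent with no AUTH; no DATA is sent."""
    codes = {}
    with smtplib.SMTP(host, port, local_hostname="probe.invalid", timeout=5) as smtp:
        smtp.ehlo_or_helo_if_needed()
        for rcpt in recipients:
            smtp.rset()                      # start a clean transaction
            smtp.mail(mail_from)
            codes[rcpt] = smtp.rcpt(rcpt)[0]
    return codes

def accepted_without_auth(codes):
    """Recipients the server agreed to handle for an unauthenticated client."""
    return sorted(r for r, code in codes.items() if code in (250, 251))

def run_demo():
    rcpts = ["user@example.com", "user@cse.domain.net", "user@domain.net"]
    with socketserver.TCPServer(("127.0.0.1", 0), StubSMTP) as srv:
        threading.Thread(target=srv.serve_forever, daemon=True).start()
        try:
            return probe_unauth_rcpt(*srv.server_address, "probe@example.org", rcpts)
        finally:
            srv.shutdown()

if __name__ == "__main__":
    print(accepted_without_auth(run_demo()))
```

Any recipient domain returned by `accepted_without_auth` that the server does not host itself is one it will forward for unauthenticated clients.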