Results 1 to 5 of 5

Thread: groups of domains with separate IP addresses (opensource 8.02)

Hybrid View

  1. #1
    Join Date
    Apr 2013
    Posts
    3
    Rep Power
    2

    Default groups of domains with separate IP addresses (opensource 8.02)

    I've been tearing my hair out searching for this info. In an attempt to help minimize damage if a clients' infected machine sends spam and puts all my clients on blacklists ( happened over the weekend), I was able to get a /29 IP (5 addresses) for my VPS server. I have found posts on setting up each domain to an IP. But since I have more than 5 domains, I was hoping I could create a virtual group and assign the IP address based on that, i.e.,

    mail1.myserver.com xxx.xxx.xxx.1
    mail.domain1.com
    mail.domain2.com

    mail2.myserver.com xxx.xxx.xxx.2
    mail.domain3.com
    mail.domain4.com
    mail.domain5.com

    and so on. Can anyone point me in the right direction?

    TIA,
    Bob

  2. #2
    Join Date
    May 2007
    Location
    Indonesia
    Posts
    149
    Rep Power
    8

    Default

    HI,
    Quote Originally Posted by bobd View Post
    I've been tearing my hair out searching for this info. In an attempt to help minimize damage if a clients' infected machine sends spam and puts all my clients on blacklists ( happened over the weekend), I was able to get a /29 IP (5 addresses) for my VPS server. I have found posts on setting up each domain to an IP. But since I have more than 5 domains, I was hoping I could create a virtual group and assign the IP address based on that, i.e.,

    mail1.myserver.com xxx.xxx.xxx.1
    mail.domain1.com
    mail.domain2.com

    mail2.myserver.com xxx.xxx.xxx.2
    mail.domain3.com
    mail.domain4.com
    mail.domain5.com

    and so on. Can anyone point me in the right direction?

    TIA,
    Bob
    1. Do you have 5 instance of Zimbra on each VPS or is this only 1 Zimbra VPS for 5 domain?
    2. According to your problem, why don't you increase Zimbra security by improving anti spam, applying Fail2Ban, Rate-Limit sending message by using PolicyD and prevent password hacking by using strong password with minimum length and combination of lower-upper case+numeric char? Even using more than > /29 IP address will make you in trouble (IP blacklist due to sending massive message from your compromised account)
    Best Regards
    ---
    Masim "Vavai" Sugianto
    Zimbra Tutorial
    Personal Blog [ID]

    Release 8.0.6_GA_5922.SLES11_64_20131203103702 SLES11_64 FOSS edition.

  3. #3
    Join Date
    Apr 2013
    Posts
    3
    Rep Power
    2

    Default

    Masim,

    Thanks for replying. To answer your questions,

    1) it is a single VPS running zimbra. It has 5 IP addresses assigned to it.

    2) I am not familiar with any of those features you suggest. I will have to investigate. If you have anyplace to point me, it would be appreciated. But I'll start googling as soon as I finish this reply.

    As per the passwords, it isn't a brute-force compromise of the accounts. When I discovered I was being hit, I changed passwords. The spam stopped until the client used the new password (after running an AV program that came up clean.) My fault for not verifying his finding a problem before I gave him the passwords. He doesn't have the newest passwords, that's for sure!

    I hear you about the /29 issue making it look like I'm a spam farm, but this is only the third time in several years I've had to deal with this. So I would not expect multiple domains to be compromised.

    bob

  4. #4
    Join Date
    Apr 2013
    Posts
    3
    Rep Power
    2

    Default

    Just to prove i'm not expecting things to be spoon fed--
    I looked at fail2ban and it is for blocking brute force. Handy, but not my immediate problem.
    PolicyD does look valuable and I will be installing it.

    But what did you mean by improving anti-spam? Something other than these two?

  5. #5
    Join Date
    May 2007
    Location
    Indonesia
    Posts
    149
    Rep Power
    8

    Default

    Hi,

    Quote Originally Posted by bobd View Post
    Just to prove i'm not expecting things to be spoon fed--
    I looked at fail2ban and it is for blocking brute force. Handy, but not my immediate problem.
    PolicyD does look valuable and I will be installing it.

    But what did you mean by improving anti-spam? Something other than these two?
    Improving anti spam : Improving Anti-spam system - Zimbra :: Wiki would be benefit to increase Zimbra security, even if you didn't deals with too much spam for years. Actually, what I've suggested on the above are based on my experience both on our Zimbra VPS services and our deployment on various client. Glad to hear that you have a few spam issue until now.
    Best Regards
    ---
    Masim "Vavai" Sugianto
    Zimbra Tutorial
    Personal Blog [ID]

    Release 8.0.6_GA_5922.SLES11_64_20131203103702 SLES11_64 FOSS edition.

Similar Threads

  1. Replies: 3
    Last Post: 08-18-2012, 05:41 AM
  2. Mail Server with Multiple IP Addresses & Domains
    By cyberdeath in forum Administrators
    Replies: 0
    Last Post: 12-10-2011, 10:50 PM
  3. Mail Server with Multiple IP Addresses & Domains
    By cyberdeath in forum Installation
    Replies: 0
    Last Post: 12-10-2011, 10:50 PM
  4. [SOLVED] Several domains on OpenSource edition
    By Samp in forum Administrators
    Replies: 4
    Last Post: 11-16-2010, 05:44 AM
  5. Move Some Domains To Separate Zimbra Server?
    By LMStone in forum Administrators
    Replies: 4
    Last Post: 09-05-2008, 10:30 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •