ZIMBRA SMTP AUTH problem

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
phoenix
Ambassador
Ambassador
Posts: 26682
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

ZIMBRA SMTP AUTH problem

Postby phoenix » Thu Jul 16, 2009 1:12 am

I mean where is the PC that the Outlook user is on, is it an internal LAN user (is it on the same subnet as the server) or is it external to your network?


Regards

Bill

Rspamd: A high performance spamassassin replacement

Per ardua ad astra
User avatar
siomon.liu
Advanced member
Advanced member
Posts: 68
Joined: Sat Sep 13, 2014 12:22 am
ZCS/ZD Version: Release 8.7.3_GA_1750.RHEL7_64_2017

ZIMBRA SMTP AUTH problem

Postby siomon.liu » Thu Jul 16, 2009 1:16 am

[quote user="10330phoenix"]I mean where is the PC that the Outlook user is on, is it an internal LAN user (is it on the same subnet as the server) or is it external to your network?[/QUOTE]
external !
zimbra is internet server.


zimbra send and receive mail is no problem!
only this question send mail without auth.
thorng
Posts: 46
Joined: Sat Sep 13, 2014 12:21 am

ZIMBRA SMTP AUTH problem

Postby thorng » Fri Jul 17, 2009 12:16 pm

on the Admin UI MTA tab (The sme one you had screenshot). Look lower for the MTA Trusted Networks in the Network section. If your client IP address falls under these subnet. You don't need to authenticate to send email over SMTP. If you want to force authentication for all clients, reduce the scope to only the loopback interface and local interface. (and any ohter relay partner).
User avatar
siomon.liu
Advanced member
Advanced member
Posts: 68
Joined: Sat Sep 13, 2014 12:22 am
ZCS/ZD Version: Release 8.7.3_GA_1750.RHEL7_64_2017

ZIMBRA SMTP AUTH problem

Postby siomon.liu » Sun Jul 19, 2009 10:31 pm

[quote user="thorng"]on the Admin UI MTA tab (The sme one you had screenshot). Look lower for the MTA Trusted Networks in the Network section. If your client IP address falls under these subnet. You don't need to authenticate to send email over SMTP. If you want to force authentication for all clients, reduce the scope to only the loopback interface and local interface. (and any ohter relay partner).[/QUOTE]

I SETUP

MTA TRUSTED NETWORK = 127.0.0.1/32 255.255.255.255/32
255.255.255.255/32 is my zimbra server internet ip address.
i use my pc client check smtp auth.
but i can send mail without auth too.

:(:(:(

mta.JPG

rockman
Posts: 3
Joined: Sat Sep 13, 2014 12:34 am

ZIMBRA SMTP AUTH problem

Postby rockman » Mon Jul 20, 2009 6:30 am

I am puzzled by this potential safety issue too.

We planned to make our ZCS5.0 go live later this month. Now it looks like the action will have to be postponed. Please provide solution ASAP.
Thanks very much in advance!
uxbod
Ambassador
Ambassador
Posts: 7811
Joined: Fri Sep 12, 2014 10:21 pm

ZIMBRA SMTP AUTH problem

Postby uxbod » Mon Jul 20, 2009 6:42 am

Why do you need to put your external IP address in the MTA trusted network field as the loopback is already in there :confused:
phoenix
Ambassador
Ambassador
Posts: 26682
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

ZIMBRA SMTP AUTH problem

Postby phoenix » Mon Jul 20, 2009 6:43 am

Setting the Zimbra public IP in the Trusted Network will make the server an open relay, ZImbra is not by default an open relay and un-authenticated users can not relay through the server.
Regards

Bill

Rspamd: A high performance spamassassin replacement

Per ardua ad astra
User avatar
siomon.liu
Advanced member
Advanced member
Posts: 68
Joined: Sat Sep 13, 2014 12:22 am
ZCS/ZD Version: Release 8.7.3_GA_1750.RHEL7_64_2017

ZIMBRA SMTP AUTH problem

Postby siomon.liu » Mon Jul 20, 2009 9:06 am

[quote user="10330phoenix"]Setting the Zimbra public IP in the Trusted Network will make the server an open relay, ZImbra is not by default an open relay and un-authenticated users can not relay through the server.[/QUOTE]
:(


1.

I try to use one of below ip address,but can not save the configure.

local interface

loopback interface
2.

now 'mta trusted network' have been changed to

local interface(is zimbra internet ip address)

and loopback interface (127.0.0.1).

but i also can send mail without auth by client in my home.
How to setup the configure?
Pls help to solve.

Appreciate for your help.

1.JPG


2.JPG


3.JPG

phoenix
Ambassador
Ambassador
Posts: 26682
Joined: Fri Sep 12, 2014 9:56 pm
Location: Liverpool, England

ZIMBRA SMTP AUTH problem

Postby phoenix » Mon Jul 20, 2009 9:29 am

Is your server on a LAN or directly connected to the internet?
For the loopback interface you need the following:
127.0.0.0/8
Regards

Bill

Rspamd: A high performance spamassassin replacement

Per ardua ad astra
User avatar
siomon.liu
Advanced member
Advanced member
Posts: 68
Joined: Sat Sep 13, 2014 12:22 am
ZCS/ZD Version: Release 8.7.3_GA_1750.RHEL7_64_2017

ZIMBRA SMTP AUTH problem

Postby siomon.liu » Mon Jul 20, 2009 9:48 am

[quote user="10330phoenix"]Is your server on a LAN or directly connected to the internet?
For the loopback interface you need the following:
127.0.0.0/8
[/QUOTE]

now i setup
zmprov ms gbd.hand-china.com zimbraMtaMyNetworks '127.0.0.0/8'


after setup ,i test again.
then send mail to other domain with auth.
'8568518@xx.com',时间为 2009-07-20 22:43

554 5.7.1 : Relay access denied

but for local domain send mail without auth.
admin@test.zimbra.com to test@test.zimbra.com is successful without auth.
why? :(:confused:

Return to “Administrators”

Who is online

Users browsing this forum: Majestic-12 [Bot] and 16 guests