I have Zimbra 8.7.6GA (8.7.6.GA.1776.UBUNTU14.64 UBUNTU14_64 FOSS edition) and I wanted to hardening it in a way that no anonymous user could send email or
no one can spoof our domain to send email on behalf of someone else.
For that reason I've followed following links :
https://wiki.zimbra.com/wiki/Enforcing_ ... ername_8.5
https://wiki.zimbra.com/wiki/Rejecting_ ... _addresses
These solutions work to some extends but not 100%.
They don't work while the user uses thunderbird and trying to edit the From field in the email, which means thunderbird will send this somehow malformed message to zimbra and zimbra send the email to the user without any second thoughts.
I desperately looking for a solution here. I don't know where to look should I focus on spamassassin or postfix or is it just zimbra's configuration?
I just want to stop my internal users and I don't care about other domains spoof messages.
Please help me to prevent other users spoof their original emails.
you can see a screenshot of thunderbird here : https://imgur.com/4B62i1B
- Zimbra Collaboration 8.6 Patch 9 now available (includes fix for CVE-2017-8802). Read the announcement.
- Zimbra Collaboration 8.8.7 + Zimbra Connector for Outlook 8.8.7 are available.. Read the announcement.
- Are you a Zimbra Developer? You can find some interesting stuff in our Official GitHub: https://github.com/Zimbra and check the Community Projects too: https://github.com/Zimbra-Community/
Discuss your pilot or production implementation with other Zimbra admins or our engineers.
1 post • Page 1 of 1
Who is online
Users browsing this forum: No registered users and 19 guests