How To Improvement Sender Must Login/Enforcing a Match Between From Address and sasl username On Zimbra 8.5

If using Zimbra 8.5, you can following this instruction


su - zimbra
zmprov mcf zimbraMtaSmtpdSenderLoginMaps proxy:ldap:/opt/zimbra/conf/ldap-slm.cf +zimbraMtaSmtpdSenderRestrictions reject_authenticated_sender_login_mismatch





Above configuration will not accept the user to relay emails using a different email address from user to authenticate with smtp



open file /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf and add reject_sender_login_mismatch after permit_mynetworks


permit_mynetworks, reject_sender_login_mismatch




Above configuration will not accept if user not use authentication/password. After a minute, zmconfigd will update the postfix configuration automatically and apply the new rules. The following is example test use telnet after improve configuration sender must login/anti fake mail


ahmad:~ # telnet mail.myemailserver.net 25
Trying 103.xxx.xxx.xxx
Connected to mail.myemailserver.net.
Escape character is '^]'.
220 mail.myemailserver.net ESMTP Postfix
ehlo mail
250-mail.myemailserver.net
250-PIPELINING
250-SIZE 10240000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from:admin@myemailserver.net
250 2.1.0 Ok
rcpt to:admin@myemailserver.net
553 5.7.1 <admin@myemailserver.net> Sender address rejected: not logged in




The test above rejected with message not logged in.











































Nhận xét











Đăng nhận xét



















Bài đăng phổ biến từ blog này









CLEANING UP THE ZABBIX DATABASE





















 My Zabbix database size increased a lot in the last few months and since my disk was running out space, I decided to clean up the old events from the database.   Looking at the database tables, the biggest one was  history_uint , which holds the items history data – over 400 millions of records and over 30 Gb of disk space before the clean up.   Since deleting the old records from this table directly would be a very slow process, I decided to create a new table and insert the latest records from the  history_uint  table and then just replace the old table with a new one.   Since this is not an offical procedure, use it at your own risk.   Environment:  Zabbix v2.2  MySql 5.1 – InnoDB with  innodb_file_per_table=ON   Step 1 – Stop the Zabbix server   Step 2 – Open your favourite MySQL client and create a new table   CREATE TABLE  history_uint_new  LIKE  history_uint;   Step 3 – Insert the latest records from the  history_uint  table to the  history_uint_new table   First you need to de








Đọc thêm










Configuring DHCP Relay service on the FortiGate unit





















 Configuring DHCP Relay service on the FortiGate unit  If the clients are configured to obtain a IP address using DHCP relay, configure the FortiGate server as below:   To configure DHCP relay on the FortiGate unit    1. Go to System > Network > Interfaces and select Interface want to configure DHCP relay.    2. Enable DHCP Server in the interface and choose Advanced    3. For Mode, select Relay.    4. In Type select Regular.    5. Select OK.    6. If a router is installed between the FortiGate unit and the DHCP server, define a static route to the DHCP server.   Note : Sometimes it is required to specify more than one DHCP relay IP, to allow for the coverage of additional LAN subnets. Although the Web Based Manager (GUI) does not provide an option to configure this, it is possible to set up to 8 IPs from the CLI.         config system interface              edit <REQUIRED_INTERFACE_HERE>                set dhcp-relay-ip <FIRST_IP> <SECOND_IP> ....<EIGHTH_IP&








Đọc thêm










WAN link load balancing




















Hình ảnh







 W A N link load balancing   In the same way that incoming traffic can be load balanced, outgoing or WAN traffic can also be load balanced and for the same three reasons.   1 .  Reduce the places in the work flow where a single point of failure can bring the process to a halt.   2 .  Expand the capacity of the resources to handle the required workload.   3 .  Have it configured so that the process of balancing the workload is automatic.   Often, it can be just as important for an organizations members to be able to access the Internet as it is for the denizens of the Internet to access the Web facing resources.   There is now a  WA N Load Balancing  feature located in the  N e t w o r k  section of the GUI (“WAN LLB”).   As part of the new WAN Load Balancing feature, the FortiOS 5.2  R ou t e r > Static > Settings  GUI page has been removed. WAN Load Balancing should be used instead of the 5.2  E C M P Load Balancing Method  settings. The 5.2  L i n k Health Monitor  definitions 








Đọc thêm