[Users] zimbraAllowFromAddress and SMTP enforce

Guy CARRÉ guycarre at free.fr
Tue Jan 30 21:13:03 CET 2018 

  Aaron,

is user2 at domain2.com on the same zimbra server ?

Because on my side I can not add address which is already in used in the same Zimbra cluster and I got :
ERROR: service.INVALID_REQUEST (invalid request: zimbraAllowFromAddress may not contain an internal account:...

   Regards,

----- Mail original -----
> De: "Aaron Cayard-Roberts" <cayaraa at earlham.edu>
> À: "Guy CARRÉ" <guycarre at free.fr>
> Cc: users at lists.zetalliance.org
> Envoyé: Mardi 30 Janvier 2018 20:59:03
> Objet: Re: [Users] zimbraAllowFromAddress and SMTP enforce
> 
> Hey Guy,
> 
> I don't have an 8.0 or 8.6 install to test but I've been using zmprov
> to update the zimbraAllowFromAddres for users without any issues on
> our production 8.7 servers:
> 
> zmprov ma user at domain.com zimbraAllowFromAddress user2 at domain2.com
> 
> 
> -Aaron
> 
> ----- On Jan 30, 2018, at 2:47 PM, Guy CARRÉ guycarre at free.fr wrote:
> 
> > Hello the list,
> > 
> > when using SMTP enforcing :
> > https://wiki.zimbra.com/wiki/Enforcing_a_match_between_FROM_address_and_sasl_username_8.5
> > you are not allow to send from another address with a MUA unless
> > you have the
> > zimbraAllowFromAddress set.
> > 
> > For exemple my account is john at domain_A.tld
> > If I want to send from another internal address for example
> > bob at domain_A.tld
> > wich is not use I can put it
> > as zimbraAllowFromAddress. But if the address is already in used we
> > get an error
> > message indicated that
> > you can use an internal address.
> > With the webmail this is not a problem because you can use
> > delegation or ACL/ACE
> > but with a MUA this is not possible
> > because SMTP request for a ldap attribute like
> > zimbraAllowFromAddress is used to
> > match sender with the From address.
> > 
> > It was possible until 8.0.X to add an internal address in the
> > zimbraAllowFromAddres but since 8.6 it is impossible
> > (with 7071 or zmprov ).
> > 
> > So my question is simple how to you handle this ? On my side I use
> > ldapmodify to
> > add internal address in the zimbraAllowFromAddress
> > 
> >  Regards,
> > 
> > --
> >  ___________________________________
> > /                                   \
> > /-------------------------------------\
> >|  Guy CARRÉ                          |
> >|  *************                      |
> >|  PostMaster - WikiMaster - SysAdmin |
> >|                                     |
> >| "Free Your Mind. Think Open Source" |
> >|  april.org                          |
> >|                                     |
> > |_____________________________________|
> 
> --
> Aaron Cayard-Roberts
> System and Security Administrator
> Information Technology Services
> Earlham College
> 801 National Road West
> Richmond, IN 47374
> Phone: 765-983-1851
> 

-- 
  ___________________________________
 /                                   \
/-------------------------------------\
|  Guy CARRÉ                          |
|  *************                      |
|  PostMaster - WikiMaster - SysAdmin |
|                                     |
| "Free Your Mind. Think Open Source" |
|  april.org                          |
|                                     |
|_____________________________________|

More information about the Users mailing list