[Users] Disallow users to authenticate with smtp / hardening Zimbra
L Mark Stone
lmstone at lmstone.com
Sat May 25 23:10:43 CEST 2019
Barry,
IMAP clients typically use smtp-auth to send email.
___________________________
L. Mark Stone
Sent from my iPhone
> On May 25, 2019, at 2:26 PM, Barry de Graaff <info at barrydegraaff.tk> wrote:
>
> Thanks!
>
> Reading up on all that SMTP legacy, want to make sure I understand it all.
>
> Anyway, port 25 w/o authentication means, you can only use it to receive
> mail that the server is responsible for. So by disabling auth, postfix
> does not allow to relay for other domains not on the server.
>
> IMHO -o smtpd_sasl_auth_enable=no should become the default in new installations
> of Zimbra. As there is very little use for that in 2019 scenarios.
>
> Kind regards,
>
> Barry de Graaff
> Zeta Alliance
> Co-founder & Developer
> zetalliance.org | github.com/Zimbra-Community
>
> Signal: +31 617 220 227
> Fingerprint: 97f4694a1d9aedad012533db725ddd156d36a2d0
>
> ----- Original Message -----
> From: "Lorenzo Milesi" <maxxer at yetopen.it>
> To: "users" <users at lists.zetalliance.org>
> Sent: Saturday, 25 May, 2019 20:10:37
> Subject: Re: [Users] Disallow users to authenticate with smtp / hardening Zimbra
>
>> So, when I disable authentication on port 25, what features get disabled?
>
> Just SMTP auth on port 25. You will still be able to receive mails from other MX
>
>> Disabled 465 and 587.
>
> So now you'll be able to send mail only via web
>
> --
> Lorenzo Milesi - lorenzo.milesi at yetopen.it
>
> YetOpen S.r.l. - https://www.yetopen.it/
> Via Salerno 18 - 23900 Lecco - ITALY -
> Tel +39 0341 220 205 - Fax +39 178 6070 222
>
> Think green - Non stampare questa e-mail se non necessario / Don't print this email unless necessary
>
> -------- D.Lgs. 196/2003 e GDPR 679/2016 --------
> Tutte le informazioni contenute in questo messaggio sono riservate ed a uso esclusivo del destinatario.
> Tutte le informazioni ivi contenute, compresi eventuali allegati, sono da ritenere confidenziali e riservate secondo i termini
> del vigente D.Lgs. 196/2003 in materia di privacy e del Regolamento europeo 679/2016 - GDPR - e quindi ne e' proibita l'utilizzazione ulteriore non autorizzata.
> Nel caso in cui questo messaggio Le fosse pervenuto per errore, La invitiamo ad eliminarlo senza copiarlo, stamparlo, a non inoltrarlo a terzi e ad avvertirci non appena possibile.
> Grazie.
>
> Confidentiality notice: this email message including any attachment is for the sole use of the intended recipient and may contain confidential and privileged information;
> pursuant to Legislative Decree 196/2003 and the European General Data Protection Regulation 679/2016 - GDPR - any unauthorized review, use, disclosure or distribution
> is prohibited. If you are not the intended recepient please delete this message without copying, printing or forwarding it to others, and alert us as soon as possible.
> Thank you.
>
More information about the Users
mailing list