Hi, I have completed a fresh install of Carbonio but I have a problem.
When I log in with the local IP, it works normally,
but when I log in with the external IP it always shows an error and I can't log in again.
It says
@raystinger
Hi,
Sorry to hear about your trouble.
What I can assume:
1. Your server is configured using private IP address.
2. Your router has a public IP address that is acting as a NATing IP for your server.
3. When you try to access your server using private IP from local LAN, you can do it.
4. When you try to access your server using public IP (NATing IP) from outside of your network, you find difficulties.
I would suggest as below:
1. Check the A & MX record of your server.
2. Check the NATing/forwarding from your router to the server's private IP address.
3. Check if there is any issue in your network. If your server is reachable locally then it should be reachable via public IP address without any issue.
Try these and let us know.
Regards,
Sharif
@sharif but why can I log in after zmcontrol restart? And it works for only 1 hour.
I'm using an NS forwarder, so I'm using the local IP on my MX record.
I have used ufw and I block incoming requests with
https://mail.mydomain.co.id:7073/service/admin/soap
and I do the block with
ufw deny 7073/tcp
ufw deny 7073/udp
and the result is that attacks still come from that URL:
Mar 21 17:57:09 mail saslauthd[249191]: zmauth: authenticating against elected url 'https://mail.mydomain.co.id:7073/service/admin/soap/' ...
Mar 21 17:57:09 mail saslauthd[249191]: zmpost: url='https://mail.mydomain.co.id:7073/service/admin/soap/' returned buffer->data='<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope"><soap:Header><context xmlns="urn:zimbra"/></soap:Header><soap:Body><soap:Fault><soap:Code><soap:Value>soap:Sender</soap:Value></soap:Code><soap:Reason><soap:Text>authentication failed for [ftp]</soap:Text></soap:Reason><soap:Detail><Error xmlns="urn:zimbra"><Code>account.AUTH_FAILED</Code><Trace>qtp1572127577-196:1711018629517:f24b21ca2edaeb8a</Trace></Error></soap:Detail></soap:Fault></soap:Body></soap:Envelope>', hti->error=''
Mar 21 17:57:09 mail saslauthd[249191]: auth_zimbra: ftp auth failed: authentication failed for [ftp]
Mar 21 17:57:09 mail saslauthd[249191]: : auth failure: [user=ftp] [service=smtp] [realm=] [mech=zimbra] [reason=Unknown]
Mar 21 17:57:09 mail postfix/smtpd[303857]: warning: _gateway[192.168.200.252]: SASL LOGIN authentication failed: authentication failure, sasl_username=ftp
@sharif here are my MX and A records:
$ttl 3600
@ IN SOA mydomain.co.id. mail.mydomain.co.id. (
        10118    ; Serial
        43200    ; Refresh
        3600     ; Retry
        3600000  ; Expire
        2592000 ) ; Minimum
; Define the nameservers and the mail servers
        IN NS ns2.externaldns.com.
mydomain.co.id. IN MX 5 mail.mydomain.co.id.
mail.mydomain.co.id. IN A 192.168.200.39
mail.mydomain.co.id. IN A 11.22.33.44 ; new added
Are these correct or not?
Okay, let's say my public IP is 11.22.33.44 and my local one is 192.168.200.39 (look at my config),
and here is the setting on my router:
on public IP 11.22.33.44 I open ports 25, 80, 443, 53, then I use TCP and dstnat to my local IP 192.168.200.39 (all ports).
I do
zmproxyctl restart
and it works again.
What router are you using?
From any external device, if you telnet <mailserver_hostname> 25, does it connect?
Regards,
Sharif
@sharif yes, it connects with forced auth because I added
mynetwork = 127.0.0.1/8 192.168.200.39/32
It functions normally without problems.
- I'm using a MikroTik RB750Gr3
config 11.22.33.44 as dstnat using tcp6 and forwarded to 192.168.200.39/32
That's all.
Previously I used Zimbra 8.6 with the same settings without any problem.
@sharif Hi sir, I found the answer by myself.
I searched deep in the logs, so I simply have this to say about Zimbra through Carbonio:
1. The default installation is very risky, as remote SMTP is directly open.
2. I found many requests in the message log such as
failed to authenticate http://mydomain.com:7073 invalid user name --> this is a crazy and continuous attack, where I finally found
the main problem is a big DDoS attack, which then makes the nginx web server send HTTP error 503 Service Unavailable.
Then the final result is
2024-03-22 19:55:43,338 INFO [main] [] misc - DoSFilter: Configured whitelist IPs = 192.168.200.39,127.0.0.1,::1,0:0:0:0:0:0:0:1
The DDoS attack was gone and now my server is working normally on both internal and external IPs.
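
Added example (not part of the thread, and not Carbonio or Zimbra code): a small Python pass over mail-log lines in the postfix/smtpd format posted above that groups failed SMTP AUTH attempts by client IP and flags bursts. The threshold, window, year and every sample line except the first are constructed assumptions.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# postfix/smtpd SASL failure warning, in the format shown in the thread's log.
SASL_FAIL = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ postfix/smtpd\[\d+\]: warning: "
    r"\S+\[(?P<ip>[^\]]+)\]: SASL \S+ authentication failed"
    r"(?:.*sasl_username=(?P<user>\S+))?"
)

def parse_failures(lines, year=2024):
    """Yield (time, client_ip, username) for each failed SMTP AUTH attempt.
    Syslog timestamps carry no year, so `year` is an assumption."""
    for line in lines:
        m = SASL_FAIL.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            yield ts, m["ip"], m["user"] or "?"

def noisy_sources(lines, threshold=3, window=timedelta(minutes=1)):
    """Return {ip: usernames tried} for IPs with >= threshold failures in a window."""
    by_ip = defaultdict(list)
    for ts, ip, user in parse_failures(lines):
        by_ip[ip].append((ts, user))
    flagged = {}
    for ip, events in by_ip.items():
        events.sort()
        start = 0  # left edge of the sliding time window
        for end, (ts, _) in enumerate(events):
            while ts - events[start][0] > window:
                start += 1
            if end - start + 1 >= threshold:
                flagged[ip] = sorted({u for _, u in events})
                break
    return flagged

# First line is from the thread; the rest are constructed sample data.
SAMPLE = [
    "Mar 21 17:57:09 mail postfix/smtpd[303857]: warning: _gateway[192.168.200.252]: SASL LOGIN authentication failed: authentication failure, sasl_username=ftp",
    "Mar 21 17:57:15 mail postfix/smtpd[303857]: warning: _gateway[192.168.200.252]: SASL LOGIN authentication failed: authentication failure, sasl_username=admin",
    "Mar 21 17:57:31 mail postfix/smtpd[303861]: warning: _gateway[192.168.200.252]: SASL LOGIN authentication failed: authentication failure, sasl_username=test",
    "Mar 21 17:58:02 mail saslauthd[249191]: auth_zimbra: ftp auth failed: authentication failed for [ftp]",
    "Mar 21 18:40:00 mail postfix/smtpd[304100]: warning: unknown[192.168.200.10]: SASL PLAIN authentication failed: authentication failure",
]

if __name__ == "__main__":
    for ip, users in noisy_sources(SAMPLE).items():
        print(f"{ip}: repeated SASL failures, usernames tried: {', '.join(users)}")
```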