Domain Disclaimer Extension Admin UI

From Zimbra :: Wiki

Jump to: navigation, search
   Article-alert.png  - This article is a community contribution and may include unsupported customizations for network edition customers.



The community-provided "Domain Disclaimer Extension" is not compatible with ZCS 6.0. Do not upgrade to 6.0 if you run the domain disclaimer extension. See http://bugzilla.zimbra.com/show_bug.cgi?id=37698.


This project integrate a system/wide domain signature (disclaimer) in Zimbra.
It covers the entire process, from install altermime, modify your postfix configuration, extending your Zimbra LDAP schemas, create disclaimers scripts related and, finally, an Admin Extension for Admin UI to enable and set domain disclaimers.
I wrote a small tutorial for add a domain disclaimer using altermime. First of all, i recommend to read my Zimbra wiki about domain disclaimers and altermime:

Adding_a_disclaimer_(altermime)_or_footer

Now, we are going to integrate this domain signature to the Zimbra Admin interface.

Note: this project have been tested for Zimbra OS and NE 5.0.2 on Red Hat/CentOS 5.x. 32 bits
Note 2: In every Zimbra version you must check zimbra.schema file, becouse they change it in other versions.

We are working on this project, this howto is under construction...(check the "last modified date" at the end of this page, always...)


Contents

Automatic Script Installation

Download from Zimbra Gallery http://gallery.zimbra.com/files/uploads/aff2791/zimbra_altermime_0.0.4.zip the automatic install script (actual version: 0.0.4)
(Thanks Pato for the altermime RPM!!!)
Note: this automatic instalation script is only for Red Hat or CentOS 4.x or 5.x 32 bits and Zimbra 5.0.2 only

Unzip

  unzip zimbra_altermime_install_0.0.4.zip
  cd zimbra_altermime_install_0.0.4

Execute

  ./install.sh



Output example:

  [root@mail zimbra_altermime_0.0.4]# ./install.sh 
  OK
  #####################
  # ALTERMIME INSTALL #
  #####################
  1) Installing Altermime RPM
  
  What is your Red Hat/CentOS version? 4 or 5? [5] 
  Preparing...                ########################################### [100%]
          package alterMIME-0.3.8-1_rh5 is already installed
  2) Creating a filter directory...
  3) Creating disclaimers directory...
  #########################
  # POSTFIX CONFIGURATION #
  #########################
  4) Backup master.cf file...
  5) Modifying master.cf configuration
  
  What is your email INCOMMING IP? [192.168.0.62] 
  
  What is your email OUTGOING IP? [192.168.0.62] 
  6) Restarting Zimbra Postfix
  postfix/postfix-script: stopping the Postfix mail system
  Thu Feb 21 15:25:51 2008  Service archiving is not enabled.  Skipping archiving
  Thu Feb 21 15:25:51 2008  Service imapproxy is not enabled.  Skipping imapproxy
  Thu Feb 21 15:25:51 2008  Rewrote: /opt/zimbra/conf/salocal.cf
  Thu Feb 21 15:25:51 2008  Rewrote: /opt/zimbra/conf/clamd.conf
  Thu Feb 21 15:25:51 2008  Rewrote: /opt/zimbra/cyrus-sasl-2.1.22.3z/etc/saslauthd.conf
  Thu Feb 21 15:25:51 2008  Rewrote: /opt/zimbra/conf/postfix_header_checks
  Thu Feb 21 15:25:51 2008  Rewrote: /opt/zimbra/conf/freshclam.conf
  Thu Feb 21 15:25:51 2008  Executing /opt/zimbra/postfix/sbin/postconf -e sender_canonical_maps='ldap:/opt/zimbra/conf/ldap-scm.cf'
  Thu Feb 21 15:25:51 2008  Executing /opt/zimbra/postfix/sbin/postconf -e virtual_alias_domains='ldap:/opt/zimbra/conf/ldap-vad.cf'
  Thu Feb 21 15:25:51 2008  Executing /opt/zimbra/postfix/sbin/postconf -e recipient_delimiter=
  Thu Feb 21 15:25:51 2008  Executing /opt/zimbra/postfix/sbin/postconf -e smtpd_tls_cert_file='/opt/zimbra/conf/smtpd.crt'
  Thu Feb 21 15:25:51 2008  Executing /opt/zimbra/postfix/sbin/postconf -e smtpd_tls_auth_only='yes'
  Thu Feb 21 15:25:51 2008  Executing /opt/zimbra/postfix/sbin/postconf -e myhostname='mail.test.cl'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e virtual_mailbox_domains='ldap:/opt/zimbra/conf/ldap-vmd.cf'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e mydestination='localhost'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e mailbox_size_limit='0'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e smtpd_client_restrictions='reject_unauth_pipelining'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e virtual_alias_maps='ldap:/opt/zimbra/conf/ldap-vam.cf'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e transport_maps='ldap:/opt/zimbra/conf/ldap-transport.cf'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e sendmail_path='/opt/zimbra/postfix-2.4.3.4z/sbin/sendmail'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e message_size_limit='10240000'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e broken_sasl_auth_clients='yes'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e alias_maps='hash:/etc/aliases'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e manpage_directory='/opt/zimbra/postfix-2.4.3.4z/man'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e smtpd_helo_required='yes'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e daemon_directory='/opt/zimbra/postfix-2.4.3.4z/libexec'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e virtual_transport='error'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e mynetworks='127.0.0.0/8 192.168.0.0/24 '
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e smtpd_recipient_restrictions='reject_non_fqdn_recipient, permit_sasl_authenticated,       permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_sender, permit'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e smtpd_tls_loglevel='1'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e relayhost=
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e disable_dns_lookups='no'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e virtual_mailbox_maps='ldap:/opt/zimbra/conf/ldap-vmm.cf'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e version='2.4.3.4z'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e mailq_path='/opt/zimbra/postfix-2.4.3.4z/sbin/mailq'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e header_checks='pcre:/opt/zimbra/conf/postfix_header_checks'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e smtpd_use_tls='yes'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e queue_directory='/opt/zimbra/postfix-2.4.3.4z/spool'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e newaliases_path='/opt/zimbra/postfix-2.4.3.4z/sbin/newaliases'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e smtpd_data_restrictions='reject_unauth_pipelining'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e smtpd_reject_unlisted_recipient='no'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e smtpd_tls_key_file='/opt/zimbra/conf/smtpd.key'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e command_directory='/opt/zimbra/postfix-2.4.3.4z/sbin'
  Thu Feb 21 15:25:52 2008  Executing /opt/zimbra/postfix/sbin/postconf -e smtpd_sasl_auth_enable='yes'
  postfix/postfix-script: warning: not owned by root: /opt/zimbra/postfix-2.4.3.4z/conf/disclaimers
  postfix/postfix-script: warning: not owned by root: /opt/zimbra/postfix-2.4.3.4z/conf/main.cf
  postfix/postfix-script: starting the Postfix mail system
  #########################
  # EXTENDING LDAP SCHEMA #
  #########################
  7) Changing zimbra.schema
  8) Restarting LDAP service
  Killing slapd with pid 7336 done.
  Started slapd: pid 18151
  #####################
  # DISCLAIMER SCRIPT #
  #####################
  9) Creating disclaimer script
  ###############################
  # SCRIPT FOR CHECK SIGNATURES #
  ###############################
  10) Installing perl RPMS
  warning: rpms5/perl-Convert-ASN1-0.21-2.el5.rf.noarch.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
  warning: rpms5/perl-HTML-Tagset-3.10-1.el5.rf.noarch.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
  warning: rpms5/perl-HTML-Parser-3.56-1.el5.rf.i386.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
  warning: rpms5/perl-XML-NamespaceSupport-1.09-1.2.el5.rf.noarch.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
  warning: rpms5/perl-XML-SAX-0.16-1.el5.rf.noarch.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
  warning: rpms5/perl-Net-SSLeay-1.32-1.el5.rf.i386.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
  warning: rpms5/perl-IO-Socket-SSL-1.12-1.el5.rf.noarch.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
  warning: rpms5/perl-LDAP-0.34-1.el5.rf.noarch.rpm: Header V3 DSA signature: NOKEY, key ID 6b8d79e6
  
  11) Creating /opt/zimbra/postfix/conf/check_disclaimers.sh
  
  Insert your ldap host [mail.test.cl] 
  
  Insert your ldap root password [xG3GnYzD3F] 
  12) Creating read_from_ldap.pl script
  13) Setting permissions
  14) Creating /etc/cron.hourly/check_disclaimer script
  ##################################
  # DEPLOYING DISCLAIMER EXTENSION #
  ##################################
  15) Deploying Domain Disclaimer Extension for Admin UI
  [] INFO: Deploying on mail.test.cl
  [] INFO: Deploy initiated.  (check the servers mailbox.log for the status)
  ###########
  # DONE!!! #
  ###########
  
  16) Set an signature for your domains (as zimbra user). For example:
          zmprov md mydomain.com zimbraDomainPrefMailSignatureEnabled TRUE
          zmprov md mydomain.com zimbraDomainPrefMailSignature "This is a domain disclaimer for mydomain.com"
          zmprov md mydomain.com zimbraDomainPrefMailSignatureHTML "This is a domain disclaimer for mydomain.com"
  
  17) Check your domain signature:
          zmprov gd mydomain.com | grep Signature
  
  18) Create domain signatures files:
          /opt/zimbra/postfix/conf/check_disclaimers.sh
  
  19) Logon in Admin interface and check for your Domain Extension...
  
  [root@mail zimbra_altermime_0.0.4]# su - zimbra
  [zimbra@mail ~]$ zmprov md test.cl zimbraDomainPrefMailSignatureEnabled TRUE
  
  [zimbra@mail ~]$ zmprov md test.cl zimbraDomainPrefMailSignature "This is a domain disclaimer for test.cl"
  
  [zimbra@mail ~]$ zmprov md test.cl zimbraDomainPrefMailSignatureHTML "This is a domain disclaimer for test.cl"
  
  [zimbra@mail ~]$ zmprov gd test.cl | grep Signature
  zimbraDomainPrefMailSignature: This is a domain disclaimer for test.cl
  zimbraDomainPrefMailSignatureEnabled: TRUE
  zimbraDomainPrefMailSignatureHTML: This is a domain disclaimer for test.cl
  
  [zimbra@mail ~]$ /opt/zimbra/postfix/conf/check_disclaimers.sh 
  Domain: test.cl         TRUE
  
  [zimbra@mail ~]$ ls /opt/zimbra/postfix/conf/disclaimers/
  test.cl  test.cl.html
  






Manual Install

Altermime Install


  • 2) Compile
  make


  • 3) Install altermime
  cp altermime /usr/local/bin/
  chown root.root /usr/local/bin/altermime
  chmod 755 /usr/local/bin/altermime


  • 4) Create a filter directory
  mkdir -p /opt/zimbra/var/spool/filter
  chown zimbra.zimbra /opt/zimbra/var/spool/filter/
  chmod 750 /opt/zimbra/var/spool/filter/


5) Create disclaimers directory

  mkdir -p /opt/zimbra/postfix/conf/disclaimers
  chown -R zimbra.zimbra /opt/zimbra/postfix/conf/disclaimers

Extending LDAP Schema

  • 6) You need to extend your LDAP schema: Edit /opt/zimbra/openldap/etc/openldap/schema/zimbra.schema

And add (line 40 aprox):

  objectIdentifier zimbraDomainPrefMailSignatureHTML ZimbraAttrType:656
  objectIdentifier zimbraDomainPrefMailSignature ZimbraAttrType:657
  objectIdentifier zimbraDomainPrefMailSignatureEnabled ZimbraAttrType:658

Line 3417 aprox.

  # Domain Disclaimer
  attributetype ( zimbraDomainPrefMailSignatureHTML
     NAME ( 'zimbraDomainPrefMailSignatureHTML' )
     DESC 'domain signature'
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
     EQUALITY caseIgnoreMatch
     SUBSTR caseIgnoreSubstringsMatch
     SINGLE-VALUE)
  
  attributetype ( zimbraDomainPrefMailSignature
     NAME ( 'zimbraDomainPrefMailSignature' )
     DESC 'domain signature'
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.15
     EQUALITY caseIgnoreMatch
     SUBSTR caseIgnoreSubstringsMatch
     SINGLE-VALUE)
  
  attributetype ( zimbraDomainPrefMailSignatureEnabled
     NAME ( 'zimbraDomainPrefMailSignatureEnabled' )
     DESC 'domain signature enabled'
     SYNTAX 1.3.6.1.4.1.1466.115.121.1.7
     EQUALITY booleanMatch
     SINGLE-VALUE)

In: objectclass ( zimbraDomain (Line 5274 aprox)

  ...
  zimbraDomainPrefMailSignatureEnabled $
  zimbraDomainPrefMailSignature $
  zimbraDomainPrefMailSignatureHTML $
  ...


  • 7) Restart your LDAP service (as zimbra user):
  /opt/zimbra/bin/ldap stop
  /opt/zimbra/bin/ldap start


  • 8) Add a signature for your domain (as zimbra user):
  zmprov md mydomain.com zimbraDomainPrefMailSignatureEnabled TRUE
  zmprov md mydomain.com zimbraDomainPrefMailSignature "This is a domain disclaimer for mydomain.com"
  zmprov md mydomain.com zimbraDomainPrefMailSignatureHTML "This is a HTML domain disclaimer for mydomain.com"


  • 9) Check for your domain disclaimer (as zimbra user):
  zmprov gd mydomain.com

You will see:

  ...
  zimbraDomainPrefMailSignature: This is a domain disclaimer for mydomain.com
  zimbraDomainPrefMailSignatureHTML: This is a HTML domain disclaimer for mydomain.com
  zimbraDomainPrefMailSignatureEnabled: TRUE
  ...

In this moment, you can enable and set a Domain Signature in your Zimbra LDAP!!!.


Zimbra Postfix Configuration

  • 10) Backup you master.cf file
  cp /opt/zimbra/postfix/conf/master.cf /opt/zimbra/postfix/conf/master.cf.orig


  • 11) Modify /opt/zimbra/postfix/conf/master.cf
  smtp      inet  n       -       n       -       -       smtpd
      -o content_filter=dfilt:
  dfilt   unix    -       n       n       -       -       pipe
      flags=Rq user=zimbra argv=/opt/zimbra/postfix/conf/disclaimer -f ${sender} -- ${recipient}

OPTION. To ensure disclaimer is added only to outbound mail:

   192.168.0.1:smtp    inet  n       -       n       -       -       smtpd
   192.168.0.2:smtp    inet  n       -       n       -       -       smtpd
      -o content_filter=dfilt:
   127.0.0.1:smtp      inet  n       -       n       -       -       smtpd
      -o content_filter=dfilt:
   dfilt   unix    -       n       n       -       -       pipe
   flags=Rq user=zimbra argv=/opt/zimbra/postfix/conf/disclaimer -f ${sender} -- ${recipient}

The first IP (192.168.0.1) should be the Incoming IP of the Zimbra server.
The second IP (192.168.0.2) should be the Outgoing IP of the Zimbra server.


  • 12) Restart Zimbra postfix (as zimbra user)
  chown root.postfix /opt/zimbra/postfix/conf/master.cf
  zmmtactl stop
  zmmtactl start

Disclaimer Script

  • 13) Create /opt/zimbra/postfix/conf/disclaimer file.

This is the last version of /opt/zimbra/postfix/conf/disclaimer script:

  #!/bin/sh
  INSPECT_DIR=/opt/zimbra/var/spool/filter
  SENDMAIL=/opt/zimbra/postfix/sbin/sendmail
  ZIMBRA_HOME="/opt/zimbra"
  POSTFIX_HOME="$ZIMBRA_HOME/postfix/conf"
  DISCLAIMER_HOME="$POSTFIX_HOME/disclaimers"
  
  # Exit codes from <sysexits.h>
  EX_TEMPFAIL=75
  EX_UNAVAILABLE=69
  
  # Clean up when done or when aborting.
  trap "rm -f in.$$" 0 1 2 3 15
  
  # Start processing.
  cd $INSPECT_DIR || { echo $INSPECT_DIR does not exist; exit $EX_TEMPFAIL; }
  
  cat > in.$$ || { echo Cannot save mail to file; exit $EX_TEMPFAIL; }
  
  # obtain domain name From
  domain=`grep "From:" in.$$ | cut -d "@" -f 2 | cut -d ">" -f 1`
  
  # check for attribute "zimbraDomainPrefMailSignatureEnabled"
  enable=`/opt/zimbra/bin/zmprov gd $domain | grep zimbraDomainPrefMailSignatureEnabled | awk '{print $2}'`
  
if [ -f "$DISCLAIMER_HOME/$domain" ]; then
  if [ ! -z $enable ]; then                    # if not empty
       if [ "$enable" = "TRUE" ]; then          # if value = TRUE
          echo "TRUE"
          # Add a disclaimer to the mail
          /usr/local/bin/altermime --input=in.$$ --disclaimer=$DISCLAIMER_HOME/$domain \
             --disclaimer-html=$DISCLAIMER_HOME/$domain.html \
             --xheader="X-Copyrighted-Material: Please visit http://www.$domain/privacy.htm" || { echo Message content rejected; exit $EX_UNAVAILABLE; }
       else
               echo "FALSE"                    # value is FALSE
       fi
  else
       echo "NONE"                             # domain doesn't have LDAP attributes
  fi
else
  echo "NONE"
fi
     
     
  $SENDMAIL -i "$@" < in.$$
  
  exit $?


  • 14) Set permissions
  chgrp zimbra /opt/zimbra/postfix/conf/disclaimer
  chmod 750 /opt/zimbra/postfix/conf/disclaimer

CheckSignatures script

Now, we are going to write a script for check domain signature for each domain, and save the zimbraDomainPrefMailSignature attribute into a text file, because altermime script can’t read from LDAP directly and need a text file to use. This script must be added to crontab.

  • 15) Install perl RPMS
  perl-Convert-ASN1
  perl-HTML-Parser
  perl-HTML-Tagset
  perl-IO-Socket-SSL
  perl-LDAP-0.34-1
  perl-libwww-perl
  perl-Net-SSLeay
  perl-URI
  perl-XML-NamespaceSupport
  perl-XML-SAX

Note: this RPMs can be downloaded from:

  http://apt.sw.be/redhat/el4/en/i386/RPMS.dag/
  http://mirror.centos.org/centos/4/os/i386/CentOS/RPMS/

If you have CentOS 4.x or 5.x, only execute:

  yum install perl-LDAP -y


  • 16) Create /opt/zimbra/postfix/conf/check_disclaimers.sh script:
  #!/bin/bash
  
  # Results:
  #    TRUE: domain have a signature enabled
  #    FALSE: domain don't have a signature enabled
  #    NONE: domain don't have LDAP attributes for domain signature
     
  ZIMBRA_HOME="/opt/zimbra"
  POSTFIX_HOME="$ZIMBRA_HOME/postfix/conf"
  DISCLAIMER_HOME="$POSTFIX_HOME/disclaimers"
  
  # check for every domain
  for domain in `/opt/zimbra/bin/zmprov gad`; do
     echo -ne "Domain: $domain \t"
     dom=`echo $domain | cut -d "." -f 1`         # get only subdomain
  
     # check for attribute "zimbraDomainPrefMailSignatureEnabled"
     enable=`/opt/zimbra/bin/zmprov gd $domain | grep zimbraDomainPrefMailSignatureEnabled | awk '{print $2}'`
  
     if [ ! -z $enable ]; then                    # if not empty
          if [ "$enable" = "TRUE" ]; then          # if value = TRUE
                  echo "TRUE"
                  # save the domain signature value into a text file
                  $POSTFIX_HOME/read_from_ldap.pl $domain $DISCLAIMER_HOME/$domain
          else
                  echo "FALSE"                    # value is FALSE
                  # delete text file if exists
                  if [ -f $DISCLAIMER_HOME/$domain ]; then
                          rm -f $DISCLAIMER_HOME/$domain
                          rm -f $DISCLAIMER_HOME/$domain.html
                  fi
          fi
     else
          echo "NONE"                             # domain doesn't have LDAP attributes
          # delete text file if exists
          if [ -f $DISCLAIMER_HOME/$domain ]; then
                  rm -f $DISCLAIMER_HOME/$domain
                  rm -f $DISCLAIMER_HOME/$domain.html
          fi
     fi
  
  done


  • 17) Create /opt/zimbra/postfix/conf/read_from_ldap.pl script (Thanks Pato!!!)

Don’t forget to set $server (your_ldap_server) and $pass (your_ldap_password) variables.

  #!/usr/bin/perl -w
  # don't forget to check $server and $pass variables!!!
  
  use strict;
  use Net::LDAP;
  
  # Fixed Variables
  my $server="X.X.X.X";
  my $user="uid=zimbra,cn=admins,cn=zimbra";
  my $pass="xxxxxx";
  
  # Variables
  my @domain = split(/\./,$ARGV[0]);
  my $base = "dc=" . join(',dc=', @domain);
  my ($sub,$top) = @domain;
  my $tmpfile = $ARGV[1];
 
  if (!$ARGV[1] || !$ARGV[0]){
      print "\n\tUse: read_from_ldap.pl domain file\n\n";
      exit();
  }
 
  my $ldap = Net::LDAP->new("$server");
  my $mesg = $ldap->bind("$user", password => "$pass");
 
  
  $mesg = $ldap->search (
          base => $base,
          filter => "(&(objectClass=zimbraDomain) (dc=$sub))",
          attrs => ['zimbraDomainPrefMailSignature']
      );
  
  foreach ($mesg->entries) {
          my @result= $_->{'asn'}->{'attributes'};
          if($result[0][0]{'vals'}[0]){
              open (TMPFILE,">$tmpfile");
              print TMPFILE "---------------------------------------------------\n";
              print TMPFILE "$result[0][0]{'vals'}[0]\n";
         }
          else {
              print "No signature\n"
          }
  };
 
  $mesg = $ldap->search (
          base => "$base",
          filter => "(&(objectClass=zimbraDomain) (dc=$sub))",
         attrs => ['zimbraDomainPrefMailSignatureHTML']
     );
  
 
  foreach ($mesg->entries) {
          my @result= $_->{'asn'}->{'attributes'};
          if($result[0][0]{'vals'}[0]){
              open (TMPFILE2,">$tmpfile.html");
              print TMPFILE2 "---------------------------------------------------\n";
              print TMPFILE2 "$result[0][0]{'vals'}[0]\n";
          }
          else {
              print "No HTML signature\n";
              system ("cp -f $tmpfile $tmpfile.html");
          }
  };
  
  $mesg = $ldap->unbind;


  • 18) Add execution permissions:
  chmod 755 /opt/zimbra/postfix/conf/check_disclaimers.sh
  chmod 755 /opt/zimbra/postfix/conf/read_from_ldap.pl


  • 19) Add this script in a crontab (as root user):

Create /etc/cron.hourly/check_disclaimer

  #!/bin/bash
  /opt/zimbra/postfix/conf/check_disclaimers.sh

Add excecution permissions:

  chmod 755 /etc/cron.hourly/check_disclaimer

Admin Extension for Zimbra UI

This is my disclaimer Admin Extension. This extension add a Disclaimer Tab into domain configuration.

With this extension you can enable and set the Domain Disclaimers. (Thanks Greg!!!)

Download Zimbra Gallery http://gallery.zimbra.com/files/uploads/aff2791/disclaimer.zip file (this file seems to have moved there: http://gallery.zimbra.com/type/zimlet/domain-signature-disclaimer), and Deploy it into Zimbra Admin Extensions.
Note: Rename Disclaimer.zip to disclaimer.zip

Also if you have additional extensions installed that are already creating tabs, you may need to modify the extension. Unzip it, open the .js file and change the tab # from 6 to 7 or whatever is required.

This a view of Domain Disclaimer Admin Extension:

Disclaimer extension.jpg









Troubleshooting

Email doesn't work

  • Check you zimbra logs:

/var/log/zimbra.log

  • Check your master.cf file:

/opt/zimbra/postfix/conf/master.cf

Don't add a disclaimer into emails

  • Check you zimbra logs:
  tail -f /var/log/zimbra.log
  • Check /opt/zimbra/postfix/conf/disclaimer permissions. For Example:
  -rwxr-xr-x 1 root   root     1528 Dec  3 07:25 check_disclaimers.sh
  -rwxr-x--- 1 root   zimbra   1457 Dec  3 07:30 disclaimer
  drwxr-xr-x 2 zimbra zimbra   4096 Dec  3 07:27 disclaimers
  -rw-r--r-- 1 zimbra zimbra   1727 Dec  3 07:17 main.cf
  -rw-r--r-- 1 root   postfix  5291 Dec  3 07:05 master.cf
  • Check if /opt/zimbra/postfix/conf/disclaimers/domain.com exists

LDAP Broken

  • Check your /opt/zimbra/openldap/etc/openldap/schema/zimbra.schema

There is a backup...


To Do

  • Enable TEXTAREA only when zimbraDomainPrefMailSignatureEnabled is TRUE
  • Enable Domain Disclaimer Admin UI to domain admins (without full admin access)


--
Daniel Eugenin M.
IT Linux

References

Bug 37698 - Domain Disclaimer Extension non-portable

Verified Against: Zimbra NE 5.0.2 on Red Hat/CentOS 5.x Date Created: 11/29/2007
Article ID: http://wiki.zimbra.com/index.php?title=Domain_Disclaimer_Extension_Admin_UI Date Modified: 10/15/2010
Personal tools