Domain level blocking of users

From Zimbra :: Wiki

Jump to: navigation, search
   Article-check.png  - This is certified documentation and is protected for editing by Zimbra Employees & Moderators only.


Admin Article

Article Information

This article applies to the following ZCS versions.
  ZCS 7.0 Article  ZCS 7.0
  ZCS 8.0 Article  ZCS 8.0


Below mentioned are the steps to "REJECT" an external email address from sending mail to the users of the Zimbra Domain.

The same results can also be achieved using Amavis via blacklisting.

1. Set smtpd_sender_restrictions as appropriate for the version of ZCS

ZCS7:
zmlocalconfig -e postfix_smtpd_sender_restrictions="hash:/opt/zimbra/postfix/conf/reject"
ZCS8:
Add hash:/opt/zimbra/postfix/conf/reject  as the first line of /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf

2. Create file /opt/zimbra/postfix/conf/reject with the list of email addresses and domains to be rejected in the below format:

  user@domain.com REJECT
  domainX.com REJECT

3. postmap it and restart postfix

 postmap /opt/zimbra/postfix/conf/reject
 zmmtactl stop && zmmtactl start

You'll be able to see the changes show up in /opt/zimbra/log/zmconfigd.log .

Reject messages will be logged in /var/log/zimbra.log ; format looks like this:

[date / hostname] postfix/smtpd[####] NOQUEUE: reject: RCPT from [remote mta]: 554 5.7.1 <senders-email@DOMAIN>:
Sender address rejected: Access denied: from=<senders-email@DOMAIN> to=<local-zimbra-user@domain> proto=ESMTP helo=<remote mta>

The sender will receive a returned email declaring the rejection.

Verified Against: ZCS 8.0, ZCS 7.0 Date Created: 03/21/2013
Article ID: http://wiki.zimbra.com/index.php?title=Domain_level_blocking_of_users Date Modified: 06/4/2013
Personal tools