From Zimbra :: Wiki

Below mentioned are the steps to "REJECT" an external email address from sending mail to the users of the Zimbra Domain.

The same results can also be achieved using Amavis via blacklisting.

1. Edit zmmta.cf

 vi /opt/zimbra/conf/zmmta.cf

Add this line below (smtpd_recipient_restrictions):

 POSTCONF smtpd_sender_restrictions FILE postfix_sender_restrictions.cf

2. Create file /opt/zimbra/conf/postfix_sender_restrictions.cf with the below line:

  hash:/opt/zimbra/postfix/conf/reject

or:

 echo "hash:/opt/zimbra/postfix/conf/reject" > /opt/zimbra/conf/postfix_sender_restrictions.cf

3. Create file /opt/zimbra/postfix/conf/reject with the list of email address to be rejected in the below format:

  user@domain.com     REJECT

4. postmap it and restart postfix

 postmap /opt/zimbra/postfix/conf/reject
 zmmtactl stop && zmmtactl start

You'll be able to see the changes show up in /opt/zimbra/log/zmmtaconfig.log .

Please note that this change will not survive an upgrade and you will have to redo these after the upgrade.

Reject messages will be logged in /var/log/zimbra.log ; format looks like this:

[date / hostname] postfix/smtpd[####] NOQUEUE: reject: RCPT from [remote mta]: 554 5.7.1 <senders-email@DOMAIN>: 
Sender address rejected: Access denied: from=<senders-email@DOMAIN> to=<local-zimbra-user@domain> proto=ESMTP helo=<remote mta>

The sender will receive a returned email declaring the rejection.