Block user to send email locally or externally
Block user to send email locally or externally
Problem
How to block users to send email locally or externally.
Solution
ZCS 8.8.x and Later
Step 1:
Open file /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf and add the below line at the top.
%%contains VAR:zimbraMtaSmtpdSenderRestrictions check_sender_access lmdb:/opt/zimbra/common/conf/restricted_senders%%
Then execute:
zmprov ms `zmhostname` +zimbraMtaSmtpdSenderRestrictions "check_sender_access lmdb:/opt/zimbra/common/conf/restricted_senders"
Step 2:
Open file /opt/zimbra/conf/zmconfigd.cf and add below lines before "RESTART mta".
POSTCONF smtpd_restriction_classes local_only POSTCONF local_only FILE postfix_check_recipient_access.cf
Note: We can find like below
SECTION mta DEPENDS amavis ----------- ----------- ----------- RESTART mta
Step 3:
Create a file /opt/zimbra/conf/postfix_check_recipient_access.cf and add the following line.
check_recipient_access lmdb:/opt/zimbra/common/conf/local_domains, reject
Step 4:
Create a file /opt/zimbra/common/conf/restricted_senders and enter the list of users that you want to block. Follow this syntax:
user@yourdomain.com local_only
Step 5:
Create an empty file /opt/zimbra/common/conf/local_domains, here we list all the domains where restricted users allowed to send mails. But we will keep this blank file as we don't want to send emails inside or outside from this id.
Following is the command :
touch /opt/zimbra/common/conf/local_domains
Note: When we keep this file empty restricted sender can not send self email as well.
i.e.: Allow User/Domain (user@domain.com OK/domain.com OK)
Step 6:
Set ownership permissions for created files
chown zimbra:zimbra /opt/zimbra/conf/postfix_check_recipient_access.cf chmod 644 /opt/zimbra/conf/postfix_check_recipient_access.cf
chown :zimbra /opt/zimbra/common/conf/restricted_senders chmod 775 /opt/zimbra/common/conf/restricted_senders
chown :zimbra /opt/zimbra/common/conf/local_domains chmod 775 /opt/zimbra/common/conf/local_domains
Step 7:
Run the below commands as Zimbra user.
postmap /opt/zimbra/common/conf/restricted_senders postmap /opt/zimbra/common/conf/local_domains zmmtactl stop zmmtactl start
Submitted by: Navdeep Mathur |