Difference between revisions of "Domain level blocking of users"

Line 1: Line 1:
Below mentioned are the steps to "REJECT" an external email address from sending mail to the users of the Zimbra Domain.  
+
{{ZC}}{{Article Infobox|{{admin}}|{{ZCS 7.0}}|{{ZCS 8.0}}|||}}
 +
Below mentioned are the steps to "REJECT" an external email address from sending mail to the users of the Zimbra Domain.
  
 
The same results can also be achieved using Amavis via [http://wiki.zimbra.com/index.php?title=Improving_Anti-spam_system#Implementing_Whitelist.2FBlacklist blacklisting].
 
The same results can also be achieved using Amavis via [http://wiki.zimbra.com/index.php?title=Improving_Anti-spam_system#Implementing_Whitelist.2FBlacklist blacklisting].
  
1. Edit zmmta.cf
+
1. Set the localconfig value for postfix_smtpd_sender_restrictions
 +
zmlocalconfig -e postfix_smtpd_sender_restrictions="hash:/opt/zimbra/postfix/conf/reject"
  
  vi /opt/zimbra/conf/zmmta.cf
+
2. Create file /opt/zimbra/postfix/conf/reject with the list of email addresses and domains to be rejected in the below format:
Add this line below (smtpd_recipient_restrictions):
+
  user@domain.com REJECT
  POSTCONF smtpd_sender_restrictions FILE postfix_sender_restrictions.cf
+
  domainX.com REJECT
  
2. Create file /opt/zimbra/conf/postfix_sender_restrictions.cf with the below line:
+
3. postmap it and restart postfix
  hash:/opt/zimbra/postfix/conf/reject
 
 
 
or:
 
 
 
  echo "hash:/opt/zimbra/postfix/conf/reject" > /opt/zimbra/conf/postfix_sender_restrictions.cf
 
 
 
3. Create file /opt/zimbra/postfix/conf/reject with the list of email address to be rejected in the below format:
 
  user@domain.com    REJECT
 
 
 
4. postmap it and restart postfix
 
 
   postmap /opt/zimbra/postfix/conf/reject
 
   postmap /opt/zimbra/postfix/conf/reject
 
   zmmtactl stop && zmmtactl start
 
   zmmtactl stop && zmmtactl start
  
You'll be able to see the changes show up in <tt>/opt/zimbra/log/zmmtaconfig.log</tt> .
+
You'll be able to see the changes show up in <tt>/opt/zimbra/log/zmconfigd.log</tt> .
 
 
Please note that this change will not survive an upgrade and you will have to redo these after the upgrade.
 
  
 
Reject messages will be logged in <tt>/var/log/zimbra.log</tt> ; format looks like this:
 
Reject messages will be logged in <tt>/var/log/zimbra.log</tt> ; format looks like this:
  
  [date / hostname] postfix/smtpd[####] NOQUEUE: reject: RCPT from [remote mta]: 554 5.7.1 <senders-email@DOMAIN>:  
+
  [date / hostname] postfix/smtpd[####] NOQUEUE: reject: RCPT from [remote mta]: 554 5.7.1 <senders-email@DOMAIN>:
 
  Sender address rejected: Access denied: from=<senders-email@DOMAIN> to=<local-zimbra-user@domain> proto=ESMTP helo=<remote mta>
 
  Sender address rejected: Access denied: from=<senders-email@DOMAIN> to=<local-zimbra-user@domain> proto=ESMTP helo=<remote mta>
  
 
The sender will receive a returned email declaring the rejection.
 
The sender will receive a returned email declaring the rejection.
  
{{Article Footer|Unknown|10/29/2008}}
+
{{Article Footer|ZCS 8.0, ZCS 7.0|03/21/2013}}
  
 
[[Category:Administration]]
 
[[Category:Administration]]
 +
[[Category:MTA]]

Revision as of 21:39, 25 March 2013

Admin Article

Article Information

This article applies to the following ZCS versions.

ZCS 7.0 Article ZCS 7.0 ZCS 8.0 Article ZCS 8.0


Below mentioned are the steps to "REJECT" an external email address from sending mail to the users of the Zimbra Domain.

The same results can also be achieved using Amavis via blacklisting.

1. Set the localconfig value for postfix_smtpd_sender_restrictions

zmlocalconfig -e postfix_smtpd_sender_restrictions="hash:/opt/zimbra/postfix/conf/reject"

2. Create file /opt/zimbra/postfix/conf/reject with the list of email addresses and domains to be rejected in the below format:

  user@domain.com REJECT
  domainX.com REJECT

3. postmap it and restart postfix

 postmap /opt/zimbra/postfix/conf/reject
 zmmtactl stop && zmmtactl start

You'll be able to see the changes show up in /opt/zimbra/log/zmconfigd.log .

Reject messages will be logged in /var/log/zimbra.log ; format looks like this:

[date / hostname] postfix/smtpd[####] NOQUEUE: reject: RCPT from [remote mta]: 554 5.7.1 <senders-email@DOMAIN>:
Sender address rejected: Access denied: from=<senders-email@DOMAIN> to=<local-zimbra-user@domain> proto=ESMTP helo=<remote mta>

The sender will receive a returned email declaring the rejection.

Verified Against: ZCS 8.0, ZCS 7.0 Date Created: 03/21/2013
Article ID: https://wiki.zimbra.com/index.php?title=Domain_level_blocking_of_users Date Modified: 2013-03-25



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »

Jump to: navigation, search