Exporting all addresses: Difference between revisions

(example scripts for extracting data for auto-prov of backup mx accept lists)
 
No edit summary
Line 1: Line 1:
Exporting all addresses (mailboxes, aliases and distribution lists) is a vital tool if you have a backup MX and only want it to accept email for valid recipients. One reason for that is to stop spammers who simply use a dictionary of common names to generate recipient email addresses which would flood a backup MX with undeliverable email. Some anti-spam providers (e.g. Postini) have automatic provisioning processes for making this possible.
Exporting all addresses (mailboxes, aliases and distribution lists) is a vital tool if you have a backup MX and only want it to accept email for valid recipients. One reason for that is to stop spammers who simply use a dictionary of common names to generate recipient email addresses which would flood a backup MX with undeliverable email. Some anti-spam providers (e.g. Postini) have automatic provisioning processes for making this possible.


Line 11: Line 10:


   /opt/zimbra/openldap/bin/ldapsearch -LLL -x -D"`/opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_userdn | \
   /opt/zimbra/openldap/bin/ldapsearch -LLL -x -D"`/opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_userdn | \
         awk '{print $3}'`" -w"`/opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_password   | \
         awk '{print $3}'`" -w"`/opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_password | \
         awk '{print $3}'`" -H `/opt/zimbra/bin/zmlocalconfig ldap_url   |       \
         awk '{print $3}'`" -H `/opt/zimbra/bin/zmlocalconfig ldap_url | \
         awk '{print $3}'` $*   | \
         awk '{print $3}'` $* | \
         grep ^mail                             | \
         grep ^mail | \
         awk '{print $2}'               | \
         awk '{print $2}' | \
         sort
         sort
If your backup MX is exim, then you need to add the following to the config file:
  accept
    local_parts = /etc/exim/zimbra_valid_emails.list
    domains = +relay_to_domains
  deny
The list of recipients needs to be converted to a form that exim will process, e.g.
  sed -e 's/^/^/' -e 's/\./\\\./' -e 's/@.*$/$/' > zimbra_valid_emails.list < valid_recipients.list

Revision as of 10:54, 3 January 2008

Exporting all addresses (mailboxes, aliases and distribution lists) is a vital tool if you have a backup MX and only want it to accept email for valid recipients. One reason for that is to stop spammers who simply use a dictionary of common names to generate recipient email addresses which would flood a backup MX with undeliverable email. Some anti-spam providers (e.g. Postini) have automatic provisioning processes for making this possible.


A naive process of extracting mailboxes looks like this:

 /opt/zimbra/bin/zmaccts | grep 'active' | egrep -v '^\W+' | awk '{print $1}'

Unfortunately, this doesn't give distribution lists and aliases, so a more sophisticated approach is necessary, for which there is no specific tool and requires using the ldap tool thus:

 /opt/zimbra/openldap/bin/ldapsearch -LLL -x -D"`/opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_userdn | \
       awk '{print $3}'`" -w"`/opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_password | \
       awk '{print $3}'`" -H `/opt/zimbra/bin/zmlocalconfig ldap_url | \
       awk '{print $3}'` $* | \
       grep ^mail | \
       awk '{print $2}' | \
       sort


If your backup MX is exim, then you need to add the following to the config file:

 accept
   local_parts = /etc/exim/zimbra_valid_emails.list
   domains = +relay_to_domains
 deny

The list of recipients needs to be converted to a form that exim will process, e.g.

 sed -e 's/^/^/' -e 's/\./\\\./' -e 's/@.*$/$/' > zimbra_valid_emails.list < valid_recipients.list
Jump to: navigation, search