Exporting all addresses

Exporting all addresses (mailboxes, aliases and distribution lists) is a vital tool if you have a backup MX and only want it to accept email for valid recipients. One reason for that is to stop spammers who simply use a dictionary of common names to generate recipient email addresses which would flood a backup MX with undeliverable email. Some anti-spam providers (e.g. Postini) have automatic provisioning processes for making this possible.

A naive process of extracting mailboxes looks like this:

 /opt/zimbra/bin/zmaccts | grep 'active' | egrep -v '^\W+' | awk '{print $1}'

Unfortunately, this doesn't give distribution lists and aliases, so a more sophisticated approach is necessary, for which there is no specific tool and requires using the ldap tool thus:

 /opt/zimbra/openldap/bin/ldapsearch -LLL -x -D"`/opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_userdn | \
       awk '{print $3}'`" -w"`/opt/zimbra/bin/zmlocalconfig -s zimbra_ldap_password | \
       awk '{print $3}'`" -H `/opt/zimbra/bin/zmlocalconfig ldap_url | \
       awk '{print $3}'` $* | \
       grep ^mail | \
       awk '{print $2}' | \
       sort

If your backup MX is exim, then you need to add the following to the config file:

 accept
   local_parts = /etc/exim/zimbra_valid_emails.list
   domains = +relay_to_domains
 deny

The list of recipients needs to be converted to a form that exim will process, e.g.

 sed -e 's/^/^/' -e 's/\./\\\./' -e 's/@.*$/$/' > zimbra_valid_emails.list < valid_recipients.list