Difference between revisions of "King0770-Notes-Ultra-Restrictive-Sending-And-Receiving"

(Avoid ID constraints)
(Use cbpolicyd)
Line 19: Line 19:
 
sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "access_control" VALUES(1,6,'DenySendAccess','REJECT','REJECT','',0);"
 
sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "access_control" VALUES(1,6,'DenySendAccess','REJECT','REJECT','',0);"
 
</pre></code>
 
</pre></code>
 +
 +
This should work as well if you need to prevent the user from sending messages to any accounts.
 +
<code><pre>
 +
sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb INSERT INTO "policy_members" VALUES(6,6,'%internal_restrict','any','',0);
 +
</pre></code>
 +
  
 
Now it's time to add a couple of internal accounts to prevent sending messages. <br>
 
Now it's time to add a couple of internal accounts to prevent sending messages. <br>

Revision as of 22:31, 2 February 2018

|ZCS 8.7 Article ZCS 8.7 |ZCS 9.0 Article ZCS 9.0


Scenario I

You have one or two accounts you want to prevent from sending messages to other internal accounts, but still receive messages.

Use cbpolicyd

Create a internal_restrict group, and a Access Control name called DenySendAccess.

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policies" VALUES(6,'Restrict_Internal',0,'Restrict_Internal',0);"

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_members" VALUES(6,6,'%internal_restrict','%internal_domains','',0);"

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_groups" VALUES(3,'internal_restrict',0,'internal_restrict');"

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "access_control" VALUES(1,6,'DenySendAccess','REJECT','REJECT','',0);"

This should work as well if you need to prevent the user from sending messages to any accounts.

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb INSERT INTO "policy_members" VALUES(6,6,'%internal_restrict','any','',0);


Now it's time to add a couple of internal accounts to prevent sending messages.

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_group_members" VALUES(7,3,'rick@example.com.local',0,'Restrict Rick');"

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_group_members" VALUES(8,3,'john@example.com',0,'Restrict John');"

Avoid ID constraints

Getting this error?

Error: UNIQUE constraint failed: policy_group_members.ID

Try this small script

#!/bin/bash
#Description add user to the policy_group_members

if [ -z "$1" ]; then echo "Usage $0 user@example.com"; exit 0
else

TEST=`sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "select * from policy_group_members;" "" | tail -1 | awk -F"|" '{ print $1 }'`

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_group_members" VALUES(`echo $(( $TEST + 1 ))`,3,'$1',0,'NULL');"
fi
Jump to: navigation, search