King0770-Notes-Ultra-Restrictive-Sending-And-Receiving
- This article is a Community contribution and may include unsupported customizations.
- This article is a Work in Progress, and may be unfinished or missing sections.
Scenario
You have one or two accounts you want to prevent from sending messages to other internal accounts, but still receive messages.
Use cbpolicyd
Create a internal_restrict group, and a Access Control name called DenySendAccess.
sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policies" VALUES(6,'Restrict_Internal',0,'Restrict_Internal',0);"
sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_members" VALUES(6,6,'%internal_restrict','%internal_domains','',0);"
sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_groups" VALUES(3,'internal_restrict',0,'internal_restrict');"
sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "access_control" VALUES(1,6,'DenySendAccess','REJECT','REJECT','',0);"
Now it's time to add a couple of internal accounts to prevent sending messages.
sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_group_members" VALUES(7,3,'rick@example.com.local',0,'Restrict Rick');"
sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_group_members" VALUES(8,3,'john@example.com',0,'Restrict John');"
Avoid ID constraints
Getting this error?
Error: UNIQUE constraint failed: policy_group_members.ID
Try this small script
#!/bin/bash
#Description add user to the policy_group_members
TEST=`sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "select * from policy_group_members;" "" | tail -1 | awk -F"|" '{ print $1 }'`
echo $(( $TEST + 1 )) > /dev/null
sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_group_members" VALUES(`echo $(( $TEST + 1 ))`,3,'$1',0,'NULL');"