The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

|ZCS 8.7 Article ZCS 8.7 |ZCS 9.0 Article ZCS 9.0

Scenario I

You have one or two accounts you want to prevent from sending messages to other internal accounts, but still receive messages.

Use cbpolicyd

Create a internal_restrict group, and a Access Control name called DenySendAccess.

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policies" VALUES(6,'Restrict_Internal',0,'Restrict_Internal',0);"

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_members" VALUES(6,6,'%internal_restrict','%internal_domains','',0);"

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_groups" VALUES(3,'internal_restrict',0,'internal_restrict');"

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "access_control" VALUES(1,6,'DenySendAccess','REJECT','REJECT','',0);"

This should work as well if you need to prevent the user from sending messages to any accounts.

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_members" VALUES(6,6,'%internal_restrict','any','',0);"

Now it's time to add a couple of internal accounts to prevent sending messages.

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_group_members" VALUES(7,3,'',0,'Restrict Rick');"

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_group_members" VALUES(8,3,'',0,'Restrict John');"

Avoid ID constraints

Getting this error?

Error: UNIQUE constraint failed: policy_group_members.ID

Try this small script

#Description add user to the policy_group_members

if [ -z "$1" ]; then echo "Usage $0"; exit 0

TEST=`sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "select * from policy_group_members;" "" | tail -1 | awk -F"|" '{ print $1 }'`

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_group_members" VALUES(`echo $(( $TEST + 1 ))`,3,'$1',0,'NULL');"

Scenario II

Restrict users to certain domain, as per
Another cbpolicyd solution

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policies" VALUES(7,'Local_Only',0,'Local_Only',0);"

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "policy_members" VALUES(8,7,'%internal_domains','!%internal_domains','',0);"

sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb "INSERT INTO "access_control" VALUES(3,7,'LocalSendAccess','REJECT','REJECT','',0);"
Jump to: navigation, search