King0770-Notes-Whitelist-Spamassassin-MTA: Difference between revisions

(Created page with "<strong>Summary</strong><br> Describing the difference between Whitelisting with Spamassassin and MTA.<br> ==Section I - Whitelist by Spamassassin== <strong>Method 1</strong...")
 
No edit summary
Line 1: Line 1:
<strong>Summary</strong><br>
Describing the difference between Whitelisting with Spamassassin and MTA.<br>
Describing the difference between Whitelisting with Spamassassin and MTA.<br>


Line 26: Line 25:


==Section II - Whitelist by MTA==
==Section II - Whitelist by MTA==
===RBL Overide===
<strong>RBL Overide</strong>
You need to setup an MTA RBL over ride file. As the zimbra user do the following.<br>
You need to setup an MTA RBL over ride file. As the zimbra user do the following.<br>
<code><pre>
<code><pre>
Line 49: Line 48:


postmap /opt/zimbra/conf/postfix_rbl_override
postmap /opt/zimbra/conf/postfix_rbl_override
</pre></code>
==Section III - check_client_access by smtpd_recipient_restrictions==
1) Edit the /opt/zimbra/conf/zmconfigd/smtpd_recipient_restrictions.cf file, and add the following line at the top of the file
<code><pre>
%%contains VAR:zimbraMtaRestriction check_sender_access lmdb:/opt/zimbra/conf/postfix_whitelist%%
</pre></code>
2) Create the /opt/zimbra/conf/postfix_whitelist file with the following (this is an example)
<code><pre>
1.2.3.4  OK
6.7.8.9  OK
friendlydomain.com  OK
example.com  OK
</pre></code>
3) Run postmap on the /opt/zimbra/conf/postfix_whitelist file
<code><pre>
postmap /opt/zimbra/conf/postfix_whitelist
</pre></code>
4) Update the globalConfig to pick up the change
<code><pre>
zmprov mcf +zimbraMtaRestriction 'check_sender_access lmdb:/opt/zimbra/conf/postfix_whitelist'
</pre></code>
5) Restart configd and MTA to pick up the changes
<code><pre>
zmconfigdctl restart
zmmtactl restart
</pre></code>
6) Verify the changes
<code><pre>
zmprov gacf | grep zimbraMtaRestriction
zimbraMtaRestriction: check_client_access lmdb:/opt/zimbra/conf/postfix_whitelist    <<== you should see this line
postconf | grep smtpd_recipient_restrictions
smtpd_recipient_restrictions = check_client_access lmdb:/opt/zimbra/conf/postfix_whitelist  <<== smtpd_recipient_restrictions should contain check_client_access lmdb:/opt/zimbra/conf/postfix_whitelist
</pre></code>
==Section IV - Test
<code><pre>
</pre></code>
</pre></code>

Revision as of 20:27, 29 December 2016

Describing the difference between Whitelisting with Spamassassin and MTA.

Section I - Whitelist by Spamassassin

Method 1 

touch /opt/zimbra/data/spamassassin/localrules/sauser.cf

Edit sauser.cf file, and add the following. 

whitelist_from jsmith@exampledomain.com

zmamavisdctl restart

Method 2 

su - zimbra
zmprov md perforce.com +amavisWhitelistSender jsmith@exampledomain.com

Method 2a 

zmprov ma rstokes@perforce.com +amavisWhitelistSender jsmith@exampledomain.com

Section II - Whitelist by MTA

RBL Overide You need to setup an MTA RBL over ride file. As the zimbra user do the following.

1) 
touch /opt/zimbra/conf/postfix_rbl_override

2) Add IP address(es) SPACE OK to the file, one IP address per line, example...

1.2.3.4  OK

3) 
postmap /opt/zimbra/conf/postfix_rbl_override

4)
zmprov mcf +zimbraMtaRestriction "check_client_access lmdb:/opt/zimbra/conf/postfix_rbl_override"

5)
zmmtactl restart

**Note**
After setting up the MTA RBL file, anytime afterwards you need to update the postfix_rbl_override file, you just need to run the postmap command against it; no need to restart the MTA each time the file is updated. 

postmap /opt/zimbra/conf/postfix_rbl_override

Section III - check_client_access by smtpd_recipient_restrictions

1) Edit the /opt/zimbra/conf/zmconfigd/smtpd_recipient_restrictions.cf file, and add the following line at the top of the file 

%%contains VAR:zimbraMtaRestriction check_sender_access lmdb:/opt/zimbra/conf/postfix_whitelist%%

2) Create the /opt/zimbra/conf/postfix_whitelist file with the following (this is an example) 

1.2.3.4   OK
6.7.8.9  OK
friendlydomain.com   OK
example.com   OK

3) Run postmap on the /opt/zimbra/conf/postfix_whitelist file 

postmap /opt/zimbra/conf/postfix_whitelist

4) Update the globalConfig to pick up the change 

zmprov mcf +zimbraMtaRestriction 'check_sender_access lmdb:/opt/zimbra/conf/postfix_whitelist'

5) Restart configd and MTA to pick up the changes 

zmconfigdctl restart
zmmtactl restart

6) Verify the changes 

zmprov gacf | grep zimbraMtaRestriction

zimbraMtaRestriction: check_client_access lmdb:/opt/zimbra/conf/postfix_whitelist    <<== you should see this line

postconf | grep smtpd_recipient_restrictions

smtpd_recipient_restrictions = check_client_access lmdb:/opt/zimbra/conf/postfix_whitelist   <<== smtpd_recipient_restrictions should contain check_client_access lmdb:/opt/zimbra/conf/postfix_whitelist

==Section IV - Test 

          

                
                
        

        Retrieved from "http://wiki.zimbra.com/index.php?title=King0770-Notes-Whitelist-Spamassassin-MTA&oldid=63240"        

        
                        
                
                        

        
                
      

      
                
        

          Jump to: navigation,
          search