King0770-Notes-Whitelist-Spamassassin-MTA: Difference between revisions
(Created page with "<strong>Summary</strong><br> Describing the difference between Whitelisting with Spamassassin and MTA.<br> ==Section I - Whitelist by Spamassassin== <strong>Method 1</strong...") |
No edit summary |
||
Line 1: | Line 1: | ||
Describing the difference between Whitelisting with Spamassassin and MTA.<br> | Describing the difference between Whitelisting with Spamassassin and MTA.<br> | ||
Line 26: | Line 25: | ||
==Section II - Whitelist by MTA== | ==Section II - Whitelist by MTA== | ||
<strong>RBL Overide</strong> | |||
You need to setup an MTA RBL over ride file. As the zimbra user do the following.<br> | You need to setup an MTA RBL over ride file. As the zimbra user do the following.<br> | ||
<code><pre> | <code><pre> | ||
Line 49: | Line 48: | ||
postmap /opt/zimbra/conf/postfix_rbl_override | postmap /opt/zimbra/conf/postfix_rbl_override | ||
</pre></code> | |||
==Section III - check_client_access by smtpd_recipient_restrictions== | |||
1) Edit the /opt/zimbra/conf/zmconfigd/smtpd_recipient_restrictions.cf file, and add the following line at the top of the file | |||
<code><pre> | |||
%%contains VAR:zimbraMtaRestriction check_sender_access lmdb:/opt/zimbra/conf/postfix_whitelist%% | |||
</pre></code> | |||
2) Create the /opt/zimbra/conf/postfix_whitelist file with the following (this is an example) | |||
<code><pre> | |||
1.2.3.4 OK | |||
6.7.8.9 OK | |||
friendlydomain.com OK | |||
example.com OK | |||
</pre></code> | |||
3) Run postmap on the /opt/zimbra/conf/postfix_whitelist file | |||
<code><pre> | |||
postmap /opt/zimbra/conf/postfix_whitelist | |||
</pre></code> | |||
4) Update the globalConfig to pick up the change | |||
<code><pre> | |||
zmprov mcf +zimbraMtaRestriction 'check_sender_access lmdb:/opt/zimbra/conf/postfix_whitelist' | |||
</pre></code> | |||
5) Restart configd and MTA to pick up the changes | |||
<code><pre> | |||
zmconfigdctl restart | |||
zmmtactl restart | |||
</pre></code> | |||
6) Verify the changes | |||
<code><pre> | |||
zmprov gacf | grep zimbraMtaRestriction | |||
zimbraMtaRestriction: check_client_access lmdb:/opt/zimbra/conf/postfix_whitelist <<== you should see this line | |||
postconf | grep smtpd_recipient_restrictions | |||
smtpd_recipient_restrictions = check_client_access lmdb:/opt/zimbra/conf/postfix_whitelist <<== smtpd_recipient_restrictions should contain check_client_access lmdb:/opt/zimbra/conf/postfix_whitelist | |||
</pre></code> | |||
==Section IV - Test | |||
<code><pre> | |||
</pre></code> | </pre></code> |
Revision as of 20:27, 29 December 2016
Describing the difference between Whitelisting with Spamassassin and MTA.
Section I - Whitelist by Spamassassin
Method 1
touch /opt/zimbra/data/spamassassin/localrules/sauser.cf
Edit sauser.cf file, and add the following.
whitelist_from jsmith@exampledomain.com
zmamavisdctl restart
Method 2
su - zimbra
zmprov md perforce.com +amavisWhitelistSender jsmith@exampledomain.com
Method 2a
zmprov ma rstokes@perforce.com +amavisWhitelistSender jsmith@exampledomain.com
Section II - Whitelist by MTA
RBL Overide
You need to setup an MTA RBL over ride file. As the zimbra user do the following.
1)
touch /opt/zimbra/conf/postfix_rbl_override
2) Add IP address(es) SPACE OK to the file, one IP address per line, example...
1.2.3.4 OK
3)
postmap /opt/zimbra/conf/postfix_rbl_override
4)
zmprov mcf +zimbraMtaRestriction "check_client_access lmdb:/opt/zimbra/conf/postfix_rbl_override"
5)
zmmtactl restart
**Note**
After setting up the MTA RBL file, anytime afterwards you need to update the postfix_rbl_override file, you just need to run the postmap command against it; no need to restart the MTA each time the file is updated.
postmap /opt/zimbra/conf/postfix_rbl_override
Section III - check_client_access by smtpd_recipient_restrictions
1) Edit the /opt/zimbra/conf/zmconfigd/smtpd_recipient_restrictions.cf file, and add the following line at the top of the file
%%contains VAR:zimbraMtaRestriction check_sender_access lmdb:/opt/zimbra/conf/postfix_whitelist%%
2) Create the /opt/zimbra/conf/postfix_whitelist file with the following (this is an example)
1.2.3.4 OK
6.7.8.9 OK
friendlydomain.com OK
example.com OK
3) Run postmap on the /opt/zimbra/conf/postfix_whitelist file
postmap /opt/zimbra/conf/postfix_whitelist
4) Update the globalConfig to pick up the change
zmprov mcf +zimbraMtaRestriction 'check_sender_access lmdb:/opt/zimbra/conf/postfix_whitelist'
5) Restart configd and MTA to pick up the changes
zmconfigdctl restart
zmmtactl restart
6) Verify the changes
zmprov gacf | grep zimbraMtaRestriction
zimbraMtaRestriction: check_client_access lmdb:/opt/zimbra/conf/postfix_whitelist <<== you should see this line
postconf | grep smtpd_recipient_restrictions
smtpd_recipient_restrictions = check_client_access lmdb:/opt/zimbra/conf/postfix_whitelist <<== smtpd_recipient_restrictions should contain check_client_access lmdb:/opt/zimbra/conf/postfix_whitelist
==Section IV - Test