King0770-Notes-Whitelist-Spamassassin-MTA

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Methods between Spamassassin and MTA Whitelisting

Section I - Whitelist by Spamassassin

Method 1 

touch /opt/zimbra/data/spamassassin/localrules/sauser.cf

Edit sauser.cf file, and add the following. 

whitelist_from jsmith@exampledomain.com

zmamavisdctl restart

Alternatively, if you want to whitelist by domain, you can use...

whitelist_from *@exampledomain.com

Method 2 

su - zimbra
zmprov md domain.com +amavisWhitelistSender jsmith@exampledomain.com

OR

zmprov md domain.com +amavisWhitelistSender friendlydomain.net

Method 2a 

zmprov ma smithj@domain.com +amavisWhitelistSender bwayne@exampledomain.com 

OR

zmprov ma smithj@domain.com +amavisWhitelistSender friendlydomain.net

Section II - Whitelist by MTA

RBL Overide You need to setup an MTA RBL over ride file. As the zimbra user do the following.

1) 
touch /opt/zimbra/conf/postfix_rbl_override

2) Add IP address(es) SPACE OK to the file, one IP address per line, example...

1.2.3.4  OK

3) 
postmap /opt/zimbra/conf/postfix_rbl_override

4)
zmprov mcf +zimbraMtaRestriction "check_client_access lmdb:/opt/zimbra/conf/postfix_rbl_override"

5)
zmmtactl restart

**Note**
After setting up the MTA RBL file, anytime afterwards you need to update the postfix_rbl_override file, you just need to run the postmap command against it; no need to restart the MTA each time the file is updated. 

postmap /opt/zimbra/conf/postfix_rbl_override

Section III - check_sender_access by smtpd_recipient_restrictions

1) Edit the /opt/zimbra/conf/zmconfigd/smtpd_recipient_restrictions.cf file, and add the following line at the top of the file 

%%contains VAR:zimbraMtaRestriction check_sender_access lmdb:/opt/zimbra/conf/postfix_whitelist%%

2) Create the /opt/zimbra/conf/postfix_whitelist file with the following (this is an example) 

1.2.3.4   OK
6.7.8.9  OK
friendlydomain.com   OK
example.com   OK

3) Run postmap on the /opt/zimbra/conf/postfix_whitelist file 

postmap /opt/zimbra/conf/postfix_whitelist

4) Update the globalConfig to pick up the change 

zmprov mcf +zimbraMtaRestriction 'check_sender_access lmdb:/opt/zimbra/conf/postfix_whitelist'

5) Restart configd and MTA to pick up the changes 

zmconfigdctl restart
zmmtactl restart

6) Verify the changes 

zmprov gacf | grep zimbraMtaRestriction

zimbraMtaRestriction: check_client_access lmdb:/opt/zimbra/conf/postfix_whitelist    <<== you should see this line

postconf | grep smtpd_recipient_restrictions

smtpd_recipient_restrictions = check_client_access lmdb:/opt/zimbra/conf/postfix_whitelist   <<== smtpd_recipient_restrictions should contain check_client_access lmdb:/opt/zimbra/conf/postfix_whitelist
Retrieved from "http://wiki.zimbra.com/index.php?title=King0770-Notes-Whitelist-Spamassassin-MTA&oldid=63248"
Jump to: navigation, search