Restrict users to certain domain
Restricting users to send mails to certain domains.
This document describes how to restrict a list of users for sending emails to limited domains. Other users can send mails anywhere. Everything I am doing here as Zimbra user.
Enter following in the file “/opt/zimbra/conf/postfix_recipient_restrictions.cf”. Make sure it is entered at the top of the file.
vi /opt/zimbra/conf/postfix_recipient_restrictions.cf check_sender_access hash:/opt/zimbra/postfix/conf/restricted_senders
Enter following in "/opt/zimbra/conf/zmmta.cf"
vi /opt/zimbra/conf/zmmta.cf POSTCONF smtpd_restriction_classes local_only POSTCONF local_only FILE postfix_check_recipient_access.cf
Create a file "/opt/zimbra/conf/postfix_check_recipient_access.cf"
vi /opt/zimbra/conf/postfix_check_recipient_access.cf check_recipient_access hash:/opt/zimbra/postfix/conf/local_domains, reject
Create a file "/opt/zimbra/postfix/conf/restricted_senders" and list all the users, whom you want to restrict. Follow this syntax:
vi /opt/zimbra/postfix/conf/restricted_senders firstname.lastname@example.org local_only
Create a file "/opt/zimbra/postfix/conf/local_domains" and list all the domains where "restricted users" allowed to sent mails. Please follow this syntax:
vi /opt/zimbra/postfix/conf/local_domains yourdomain.com OK otheralloweddomain.com OK
Run following commands:
postmap /opt/zimbra/postfix/conf/restricted_senders postmap /opt/zimbra/postfix/conf/local_domains zmmtactl stop zmmtactl start
After these settings, all the users listed in "/opt/zimbra/postfix/conf/restricted_senders" are restricted to send mails only to domain which are defined in "/opt/zimbra/postfix/conf/local_domains", other are fully allowed to send mails anywhere. These settings will not survive Zimbra upgrades, please make sure that you backup of all these settings while performing upgrades.
Important Note if you need to undo this configuration
Remove the two lines that were added to the zmmta.cf file. Make sure the Postfix setting smtpd_restriction_classes has nothing set. postconf -e smtpd_restriction_classes= zmmtactl reload