Smtpd recipient restrictions

Smtpd recipient restrictions



Requirement

Restrict a user, receiving emails from all and allow from mentioned domains/users only. This can be done per user or domain.

Steps to follow

Setp-1
Edit "/opt/zimbra/conf/zmconfigd/smtpd_recipient_restrictions.cf"
Add below line right after "%%contains VAR:zimbraServiceEnabled cbpolicyd, check_policy_service inet:localhost:@@cbpolicyd_bind_port@@%%"
check_recipient_access lmdb:/opt/zimbra/conf/protected_recipients
Step-2
Create empty fille
touch /opt/zimbra/conf/protected_recipients
Step-3
Add the entry like below to the "/opt/zimbra/conf/protected_recipients", for whom you want to protect.
usera@recipient.com       permitted_senders_list
Notes:
If the domain (i.e.: recipient.com) mentioned then this rule will apply to all the users of recipient.
permitted_senders_list is a class name we use this in main.cf file.
Step-4
Create empty file
touch /opt/zimbra/conf/permitted_senders
Step-5
Add the entry like below to the "/opt/zimbra/conf/permitted_senders", whom you want to allow to send an email to protected recipients.
user@sender.com ok
sender2.com ok
Notes:
Add the home domain to accept emails from the same domain(i.e.: recipient.com).
If a domain mentioned then entire domain will be allowed.
Step-6
Generate lmdb files for permitted sender & recipients by running below commands.
postmap lmdb:/opt/zimbra/conf/permitted_senders
postmap lmdb:/opt/zimbra/conf/protected_recipients
Note:
To keep lmdb files updated, postmap should be executed whenever protected sender/recipients modified.
Step-7
Edit "/opt/zimbra/common/conf/main.cf" and add below lines at the end.
smtpd_restriction_classes = permitted_senders_list
permitted_senders_list = check_sender_access lmdb:/opt/zimbra/conf/permitted_senders, reject
Step-8
Restart Configd, MTA.
zmconfigdctl restart
zmmtactl restart
Notes:
Run all the commands as Zimbra user (su - zimbra).
Take a backup of respective files before the edit.

Validation

If email got from the unallowed sender
[zimbra.log]
postfix/smtpd[19610]: NOQUEUE: reject: RCPT from unknown[Sender IP address]: 554 5.7.1 <user@recipient.com>: Recipient address rejected: Access denied; from=<user@sender.com> to=<user@recipient.com> proto=ESMTP helo=<Sender hostname>
Submitted by: Raghu Noti
Verified Against: ZCS 8.8.15, ZCS 9.0 Date Created: 2020-09-27
Article ID: https://wiki.zimbra.com/index.php?title=Smtpd_recipient_restrictions Date Modified: 2020-09-27



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »


Jump to: navigation, search