Specific Whitelist/Blacklist per IP: Difference between revisions

No edit summary
No edit summary
 
(One intermediate revision by the same user not shown)
Line 1: Line 1:
{{WIP}}{{Article Infobox|{{admin}}|{{ZCS 8.5}}|{{ZCS 8.6}}|}}
{{BC|Certified}}
__FORCETOC__
<div class="col-md-12 ibox-content">
=Specific Whitelist/Blacklist per IP=
=Specific Whitelist/Blacklist per IP=
{{KB|{{ZC}}|{{ZCS 8.6}}|{{ZCS 8.5}}|}}
{{WIP}}
==Purpose==
==Purpose==
With ZCS 8.5 and later, it is possible to maintain an IP blacklist for connections to Postfix. This is useful in DoS and targeted spam attack scenarios.
With ZCS 8.5 and later, it is possible to maintain an IP blacklist for connections to Postfix. This is useful in DoS and targeted spam attack scenarios.
Line 35: Line 39:




{{Article Footer|Zimbra Collaboration 8.5, 8.6|04/15/2015}}
{{Article Footer|Zimbra Collaboration 8.5, 8.6|02/20/2015}}
{{NeedSME|Jeff|Quanah|Jenny}}
{{NeedSME|Jeff|Quanah|Jenny}}

Latest revision as of 09:40, 13 July 2015

  1. Zimbra Tech Center
  2. Certified
  3. Specific Whitelist/Blacklist per IP

Specific Whitelist/Blacklist per IP

   KB 21722        Last updated on 2015-07-13  




0.00
(0 votes)

Purpose

With ZCS 8.5 and later, it is possible to maintain an IP blacklist for connections to Postfix. This is useful in DoS and targeted spam attack scenarios.

Many clients use RBLs to block spammers from flooding their MTAs with spam. Unfortunately, perfectly valid sites occasionally end up on these lists. With ZCS 8.5 and later, it is possible to create an on-disk database map that allows the client to whitelist specific blacklisted IPs so that emails from those IPs still get delivered.

Resolution

Whitelist Edit /opt/zimbra/conf/postfix_rbl_override. Add IP address(es) SPACE OK to the file, one IP address per line: 

1.2.3.4 OK

Run the postmap to save and apply the changes in Postfix: 

postmap /opt/zimbra/conf/postfix_rbl_override

Run the zmprov to apply the changes to the Zimbra Collaboration Server: 

zmprov mcf +zimbraMtaRestriction 'check_client_access lmdb:/opt/zimbra/conf/postfix_rbl_override'

postmap will need to be rerun on the file any time an IP address is added or removed.

Blacklist Edit /opt/zimbra/conf/postfix_blacklist. Add IP address SPACE REJECT to the file, one IP address per line: 

1.2.3.4 REJECT

Run the postmap to save and apply the changes in Postfix: 

postmap /opt/zimbra/conf/postfix_blacklist

Run the zmprov to apply the changes to the Zimbra Collaboration Server: 

zmprov mcf +zimbraMtaRestriction 'check_client_access lmdb:/opt/zimbra/conf/postfix_blacklist'

postmap will need to be rerun on the file anytime an IP address is added or removed.

Additional Content


Verified Against: Zimbra Collaboration 8.5, 8.6 Date Created: 02/20/2015
Article ID: https://wiki.zimbra.com/index.php?title=Specific_Whitelist/Blacklist_per_IP Date Modified: 2015-07-13



Try Zimbra

Try Zimbra Collaboration with a 60-day free trial.
Get it now »

Want to get involved?

You can contribute in the Community, Wiki, Code, or development of Zimlets.
Find out more. »

Other help Resources

User Help Page »
Official Forums »
Zimbra Documentation Page »

Looking for a Video?

Visit our YouTube channel to get the latest webinars, technology news, product overviews, and so much more.
Go to the YouTube channel »


Wiki/KB reviewed by Jeff Quanah Jenny Last edit by Jorge de la Cruz
Retrieved from "http://wiki.zimbra.com/index.php?title=Specific_Whitelist/Blacklist_per_IP&oldid=60204"
Jump to: navigation, search