Results 1 to 10 of 10

Thread: DNSBL with "Whitelist Hosts/IP Addresses In Postfix" howto do this the zimbra way

Hybrid View

  1. #1
    Join Date
    Jan 2008
    Location
    Germany
    Posts
    83
    Rep Power
    7

    Question DNSBL with "Whitelist Hosts/IP Addresses In Postfix" howto do this the zimbra way

    Hi all!

    I have been looking... but have not yet found an obvious "how to" do this the zimbra way i.e. with zmprov or in the admin gui.

    I have started using the dnsbl feature and am happy with the results i am getting with it... but as it is in the world of black lists I have noticed that from time to time one of the major German free mailer is being black listed, and today then one of the ip addresses of my mail service provider.

    I have come across a howto on howtoforge.com in which it describes how to do this with Postfix.
    But I am a bit reluctant to go and edit the zimbra ~/postfix/conf/main.cf file without asking in the forum.

    In short here is what is suggested to do in the howtoforge.com "how-to-whitelist-hosts-ip-addresses-in-postfix":


    1. Create a postfix/rbl_override file with one entry per line
      Code:
      1.2.3.4 OK
      1.2.3.5 OK
      mail.freemailer.tld OK
    2. Then run:
      Code:
      postmap /etc/postfix/rbl_override
    3. Next open postfix/main.cf and search for the smtpd_recipient_restrictions parameter. Add check_client_access hash: ..../postfix/rbl_override to that parameter, after reject_unauth_destination, but before the first blacklist.
      Like So:
      Code:
      [...]
      smtpd_recipient_restrictions = reject_invalid_hostname,
                                     reject_unauth_pipelining,
                                     permit_mynetworks,
                                     permit_sasl_authenticated,
                                     check_client_access hash: ..../postfix/rbl_override,
                                     reject_unauth_destination,
                                     reject_rbl_client dnsbl.sorbs.net,
                                     reject_rbl_client cbl.abuseat.org,
                                     permit
      [...]
    4. Then restart Postfix


    old question: So How Do You Do This The Zimbra Way?

    Revised question: How do you add Whitelists / or excludes to supplement DNSD, so that you can still obtain mail from a site that has been blacklisted on a DNSDL service.
    Above it is explained exactly how to do this with a stock Postfix install. Note the bold bits...

    Cheers
    Heinzg
    Last edited by heinzg; 02-25-2009 at 12:33 AM.
    Motions of a day at work -

  2. #2
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    If you wish to add RBLs then go to the Admin UI/Global Settings/MTA and add the RBLs on that page.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    Join Date
    Jan 2008
    Location
    Germany
    Posts
    83
    Rep Power
    7

    Question

    Quote Originally Posted by phoenix View Post
    If you wish to add RBLs then go to the Admin UI/Global Settings/MTA and add the RBLs on that page.
    Cheers for the reply, but I think i might have asked my question the wrong way, thus I have revised it in my original post.

    I know how to start using RBLs with zimbra in fact this is the way i normally would add the DNDBL services to my zimbra config...

    create a list file with the dnsbl services i want to use, and then:
    Code:
     
    list=`cat list.file` 
    for i in $list; do zmprov mcf +zimbraMtaRestriction "reject_rbl_client $i"; done
    My Qestion: I am using RBLs at the moment, i would like to know if there is a normed method of adding "check_client_access hash:" ( which is the file containing an exclude or whitelist ) statement to zimbra's ~/postfix/conf/main.cf, i.e. with zmprov?
    Motions of a day at work -

  4. #4
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    You can try
    Code:
    su - zimbra
    zmprov mcf  +zimbraMtaRestriction "check_client_access hash: /opt/zimbra/conf/rbl_override"
    zmcontrol stop ; zmcontrol start
    Don't forget to put the rbl_override file into the correct directory.

  5. #5
    Join Date
    Jan 2008
    Location
    Germany
    Posts
    83
    Rep Power
    7

    Default

    Quote Originally Posted by uxbod View Post
    You can try
    Code:
    su - zimbra
    zmprov mcf  +zimbraMtaRestriction "check_client_access hash: /opt/zimbra/conf/rbl_override"
    zmcontrol stop ; zmcontrol start
    Don't forget to put the rbl_override file into the correct directory.
    Hi I did that and it is is in the config now, but the whitelist is not working as mails are still being blocked which are in the whitelist:

    Code:
    [zimbra@server ~]$ zmprov gcf zimbraMtaRestriction
    zimbraMtaRestriction: reject_invalid_hostname
    zimbraMtaRestriction: reject_non_fqdn_hostname
    zimbraMtaRestriction: reject_non_fqdn_sender
    zimbraMtaRestriction: check_client_access hash: /opt/zimbra/conf/rbl_override
    zimbraMtaRestriction: reject_rbl_client drone.abuse.ch
    zimbraMtaRestriction: reject_rbl_client spam.abuse.ch
    zimbraMtaRestriction: reject_rbl_client b.barracudacentral.org
    zimbraMtaRestriction: reject_rbl_client dnsbl.njabl.org
    zimbraMtaRestriction: reject_rbl_client zen.spamhaus.org
    zimbraMtaRestriction: reject_rbl_client psbl.surriel.com
    zimbraMtaRestriction: reject_rbl_client dnsbl.sorbs.net
    zimbraMtaRestriction: reject_rbl_client httpBL.abuse.ch
    zimbraMtaRestriction: reject_rbl_client cbl.abuseat.org
    I also did the following advance:
    Code:
    postmap /opt/zimbra/conf/rbl_override
    contents of /opt/zimbra/conf/rbl_override:
    Code:
    cat /opt/zimbra/conf/rbl_override
    213.165.64.20	OK
    mail.gmx.net	OK
    Any Ideas ?
    Motions of a day at work -

  6. #6
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Check /var/log/zimbra.log to see why it is being rejected; and also for any error messages about your configuration.

  7. #7
    Join Date
    Jan 2008
    Location
    Germany
    Posts
    83
    Rep Power
    7

    Default

    Quote Originally Posted by uxbod View Post
    Check /var/log/zimbra.log to see why it is being rejected; and also for any error messages about your configuration.
    Code:
    Feb 25 11:05:10 server postfix/smtpd[8728]: NOQUEUE: reject: RCPT from mail.gmx.net[213.165.64.20]: 554 5.7.1 Service unavailable; Client host [213.165.64.20] blocked using spam.dnsbl.sorbs.net; Spam Received See: http://www.sorbs.net/lookup.shtml?213.165.64.20; from=<someperson@gmx.net> to=<heinzg@mymailserver.ltd> proto=SMTP helo=<mail.gmx.net>
    this is the start log don't see any errors:
    Code:
    Feb 25 11:43:41 server zimbramon[13626]: 13626:info: Starting services initiated by zmcontrol 
    Feb 25 11:43:42 server slapd[13725]: @(#) $OpenLDAP: slapd 2.3.43 (Aug 20 2008 11:59:27) $ 	build@build11.lab.zimbra.com:/home/build/p4/FRANKLIN/ThirdParty/openldap/openldap-2.3.43.5z/servers/slapd 
    Feb 25 11:43:42 server slapd[13726]: slapd starting 
    Feb 25 11:43:49 server zimbramon[13626]: 13626:info: Rewriting configs  antispam amavis antivirus amavis   webxml mailbox amavis antispam antivirus mta sasl    
    Feb 25 11:44:03 server zimbramon[13626]: 13626:info: Starting logger via zmcontrol 
    Feb 25 11:44:04 server zimbramon[13626]: 13626:info: Starting mailbox via zmcontrol 
    Feb 25 11:44:04 server zimbramon[14654]: 14654:info: zmmtaconfig: zmmtaconfig started on server.mail.local with loglevel=3 pid=14654 
    Feb 25 11:44:05 server zmmailboxdmgr[14676]: status requested
    Feb 25 11:44:05 server zmmailboxdmgr[14676]: file /opt/zimbra/log/zmmailboxd_manager.pid does not exist
    Feb 25 11:44:05 server zmmailboxdmgr[14676]: assuming no other instance is running
    Feb 25 11:44:05 server zmmailboxdmgr[14676]: file /opt/zimbra/log/zmmailboxd.pid does not exist
    Feb 25 11:44:05 server zmmailboxdmgr[14676]: assuming no other instance is running
    Feb 25 11:44:05 server zmmailboxdmgr[14676]: no manager process is running
    Feb 25 11:44:08 server zimbramon[14135]: 14135:info: 2009-02-25 11:44:01, STATUS: server.mail.local: antispam: Stopped 
    Feb 25 11:44:08 server zimbramon[14135]: 14135:info: 2009-02-25 11:44:01, STATUS: server.mail.local: antivirus: Stopped 
    Feb 25 11:44:08 server zimbramon[14135]: 14135:info: 2009-02-25 11:44:01, STATUS: server.mail.local: ldap: Running 
    Feb 25 11:44:08 server zimbramon[14135]: 14135:info: 2009-02-25 11:44:01, STATUS: server.mail.local: logger: Running 
    Feb 25 11:44:08 server zimbramon[14135]: 14135:info: 2009-02-25 11:44:01, STATUS: server.mail.local: mailbox: Stopped 
    Feb 25 11:44:08 server zimbramon[14135]: 14135:info: 2009-02-25 11:44:01, STATUS: server.mail.local: mta: Stopped 
    Feb 25 11:44:08 server zimbramon[14135]: 14135:info: 2009-02-25 11:44:01, STATUS: server.mail.local: snmp: Stopped 
    Feb 25 11:44:08 server zimbramon[14135]: 14135:info: 2009-02-25 11:44:01, STATUS: server.mail.local: spell: Stopped 
    Feb 25 11:44:08 server zimbramon[14135]: 14135:info: 2009-02-25 11:44:01, STATUS: server.mail.local: stats: Stopped 
    Feb 25 11:44:40 server zmmailboxdmgr[15966]: status requested
    Feb 25 11:44:40 server zmmailboxdmgr[15966]: file /opt/zimbra/log/zmmailboxd_manager.pid does not exist
    Feb 25 11:44:40 server zmmailboxdmgr[15966]: assuming no other instance is running
    Feb 25 11:44:40 server zmmailboxdmgr[15966]: file /opt/zimbra/log/zmmailboxd.pid does not exist
    Feb 25 11:44:40 server zmmailboxdmgr[15966]: assuming no other instance is running
    Feb 25 11:44:40 server zmmailboxdmgr[15966]: no manager process is running
    Feb 25 11:44:41 server zmmailboxdmgr[15975]: start requested
    Feb 25 11:44:41 server zmmailboxdmgr[15975]: checking if another instance of manager is already running
    Feb 25 11:44:41 server zmmailboxdmgr[15975]: file /opt/zimbra/log/zmmailboxd_manager.pid does not exist
    Feb 25 11:44:41 server zmmailboxdmgr[15975]: assuming no other instance is running
    Feb 25 11:44:41 server zmmailboxdmgr[15975]: file /opt/zimbra/log/zmmailboxd.pid does not exist
    Feb 25 11:44:41 server zmmailboxdmgr[15975]: assuming no other instance is running
    Feb 25 11:44:41 server zmmailboxdmgr[15976]: wrote manager pid 15976 to /opt/zimbra/log/zmmailboxd_manager.pid
    Feb 25 11:44:41 server zmmailboxdmgr[15977]: wrote java pid 15977 to /opt/zimbra/log/zmmailboxd_java.pid
    Feb 25 11:44:41 server zmmailboxdmgr[15976]: manager started mailboxd/JVM with pid 15977
    Feb 25 11:44:41 server zimbramon[13626]: 13626:info: Starting antispam via zmcontrol 
    Feb 25 11:44:41 server amavis[16039]: starting.  /opt/zimbra/amavisd/sbin/amavisd at server.mail.local amavisd-new-2.5.4 (20080312), Unicode aware, LANG="en_US.UTF-8"
    Feb 25 11:44:41 server amavis[16039]: user=1001, EUID: 1001 (1001);  group=, EGID: 1001 1001 89 5 4 (1001 1001 89 5 4)
    Feb 25 11:44:41 server amavis[16039]: Perl version               5.008008
    Feb 25 11:44:42 server amavis[16039]: SpamControl: init_pre_chroot done
    Feb 25 11:44:42 server amavis[16043]: Net::Server: Process Backgrounded
    Feb 25 11:44:42 server amavis[16043]: Net::Server: 2009/02/25-11:44:42 Amavis (type Net::Server::PreForkSimple) starting! pid(16043)
    Feb 25 11:44:42 server amavis[16043]: Net::Server: Binding to UNIX socket file /opt/zimbra/data/amavisd/amavisd.sock using SOCK_STREAM
    Feb 25 11:44:42 server amavis[16043]: Net::Server: Binding to TCP port 10024 on host 127.0.0.1
    Feb 25 11:44:42 server amavis[16043]: Net::Server: Group Not Defined.  Defaulting to EGID '1001 1001 89 5 4'
    Feb 25 11:44:42 server amavis[16043]: Net::Server: User Not Defined.  Defaulting to EUID '1001'
    Feb 25 11:44:42 server zimbramon[13626]: 13626:info: Starting antivirus via zmcontrol 
    Feb 25 11:44:42 server amavis[16043]: Module Amavis::Conf        2.094
    Feb 25 11:44:42 server amavis[16043]: Module Archive::Zip        1.23
    Feb 25 11:44:42 server amavis[16043]: Module Compress::Zlib      1.42
    Feb 25 11:44:42 server amavis[16043]: Module Convert::TNEF       0.17
    Feb 25 11:44:42 server amavis[16043]: Module Convert::UUlib      1.11
    Feb 25 11:44:42 server amavis[16043]: Module DBD::mysql          4.007
    Feb 25 11:44:42 server amavis[16043]: Module DBI                 1.605
    Feb 25 11:44:42 server amavis[16043]: Module DB_File             1.817
    Feb 25 11:44:42 server amavis[16043]: Module Digest::MD5         2.36
    Feb 25 11:44:42 server amavis[16043]: Module Digest::SHA1        2.11
    Feb 25 11:44:42 server amavis[16043]: Module MIME::Entity        5.426
    Feb 25 11:44:42 server amavis[16043]: Module MIME::Parser        5.426
    Feb 25 11:44:42 server amavis[16043]: Module MIME::Tools         5.426
    Feb 25 11:44:42 server amavis[16043]: Module Mail::Header        2.03
    Feb 25 11:44:42 server amavis[16043]: Module Mail::Internet      2.03
    Feb 25 11:44:42 server amavis[16043]: Module Mail::SpamAssassin  3.002005
    Feb 25 11:44:42 server amavis[16043]: Module Net::DNS            0.63
    Feb 25 11:44:42 server amavis[16043]: Module Net::LDAP           0.36
    Feb 25 11:44:42 server amavis[16043]: Module Net::Server         0.97
    Feb 25 11:44:42 server amavis[16043]: Module Time::HiRes         1.9715
    Feb 25 11:44:42 server amavis[16043]: Module URI                 1.37
    Feb 25 11:44:42 server amavis[16043]: Module Unix::Syslog        1.1
    Feb 25 11:44:42 server amavis[16043]: Amavis::DB code      NOT loaded
    Feb 25 11:44:42 server amavis[16043]: Amavis::Cache code   NOT loaded
    Feb 25 11:44:42 server amavis[16043]: SQL base code        NOT loaded
    Feb 25 11:44:42 server amavis[16043]: SQL::Log code        NOT loaded
    Feb 25 11:44:42 server amavis[16043]: SQL::Quarantine      NOT loaded
    Feb 25 11:44:42 server amavis[16043]: Lookup::SQL code     NOT loaded
    Feb 25 11:44:42 server amavis[16043]: Lookup::LDAP code    loaded
    Feb 25 11:44:42 server amavis[16043]: AM.PDP-in proto code loaded
    Feb 25 11:44:42 server amavis[16043]: SMTP-in proto code   loaded
    Feb 25 11:44:42 server amavis[16043]: Courier proto code   NOT loaded
    Feb 25 11:44:42 server amavis[16043]: SMTP-out proto code  loaded
    Feb 25 11:44:42 server amavis[16043]: Pipe-out proto code  NOT loaded
    Feb 25 11:44:42 server amavis[16043]: BSMTP-out proto code NOT loaded
    Feb 25 11:44:42 server amavis[16043]: Local-out proto code loaded
    Feb 25 11:44:42 server amavis[16043]: OS_Fingerprint code  NOT loaded
    Feb 25 11:44:42 server amavis[16043]: ANTI-VIRUS code      loaded
    Feb 25 11:44:42 server amavis[16043]: ANTI-SPAM code       loaded
    Feb 25 11:44:42 server amavis[16043]: ANTI-SPAM-SA code    loaded
    Feb 25 11:44:42 server amavis[16043]: Unpackers code       loaded
    Feb 25 11:44:42 server amavis[16043]: Found $file            at /usr/bin/file
    Feb 25 11:44:42 server amavis[16043]: No $dspam,             not using it
    Feb 25 11:44:42 server amavis[16043]: No $altermime,         not using it
    Feb 25 11:44:42 server amavis[16043]: Internal decoder for .mail
    Feb 25 11:44:42 server amavis[16043]: Internal decoder for .asc 
    Feb 25 11:44:42 server amavis[16043]: Internal decoder for .uue 
    Feb 25 11:44:42 server amavis[16043]: Internal decoder for .hqx 
    Feb 25 11:44:42 server amavis[16043]: Internal decoder for .ync 
    Feb 25 11:44:42 server amavis[16043]: No decoder for       .F    tried: unfreeze, freeze -d, melt, fcat
    Feb 25 11:44:42 server amavis[16043]: Found decoder for    .Z    at /usr/bin/gzip -d
    Feb 25 11:44:42 server amavis[16043]: Found decoder for    .gz   at /usr/bin/gzip -d
    Feb 25 11:44:42 server amavis[16043]: Found decoder for    .bz2  at /usr/bin/bzip2 -d
    Feb 25 11:44:42 server amavis[16043]: No decoder for       .lzo  tried: lzop -d
    Feb 25 11:44:42 server amavis[16043]: Found decoder for    .rpm  at /usr/bin/rpm2cpio
    Feb 25 11:44:42 server amavis[16043]: Found decoder for    .cpio at /usr/bin/pax
    Feb 25 11:44:42 server amavis[16043]: Found decoder for    .tar  at /usr/bin/pax
    Feb 25 11:44:42 server amavis[16043]: Found decoder for    .deb  at /usr/bin/ar
    Feb 25 11:44:42 server amavis[16043]: Internal decoder for .zip 
    Feb 25 11:44:42 server amavis[16043]: No decoder for       .7z   tried: 7zr, 7za, 7z
    Feb 25 11:44:42 server amavis[16043]: No decoder for       .rar  tried: rar, unrar
    Feb 25 11:44:42 server amavis[16043]: No decoder for       .arj  tried: arj, unarj
    Feb 25 11:44:42 server amavis[16043]: No decoder for       .arc  tried: nomarch, arc
    Feb 25 11:44:42 server amavis[16043]: No decoder for       .zoo  tried: zoo, unzoo
    Feb 25 11:44:42 server amavis[16043]: No decoder for       .lha  tried: lha
    Feb 25 11:44:42 server amavis[16043]: No decoder for       .cab  tried: cabextract
    Feb 25 11:44:42 server amavis[16043]: No decoder for       .tnef tried: tnef
    Feb 25 11:44:42 server amavis[16043]: Internal decoder for .tnef
    Feb 25 11:44:42 server amavis[16043]: No decoder for       .exe  tried: rar, unrar; lha; arj, unarj
    Feb 25 11:44:42 server amavis[16043]: Using primary internal av scanner code for ClamAV-clamd
    Feb 25 11:44:42 server amavis[16043]: SpamControl: initializing Mail::SpamAssassin
    Feb 25 11:44:42 server clamd[16118]: clamd daemon 0.93.3 (OS: linux-gnu, ARCH: x86_64, CPU: x86_64) 
    Feb 25 11:44:42 server clamd[16118]: Log file size limited to 20971520 bytes. 
    Feb 25 11:44:42 server clamd[16118]: Reading databases from /opt/zimbra/data/clamav/db 
    Feb 25 11:44:42 server clamd[16118]: Not loading PUA signatures. 
    Feb 25 11:44:43 server amavis[16043]: SpamControl: init_pre_fork done
    Feb 25 11:44:45 server clamd[16118]: Loaded 513917 signatures. 
    Feb 25 11:44:45 server clamd[16118]: TCP: Bound to port 3310 
    Feb 25 11:44:45 server clamd[16118]: TCP: Setting connection queue length to 15 
    Feb 25 11:44:45 server clamd[16131]: Limits: Global size limit set to 10240000 bytes. 
    Feb 25 11:44:45 server clamd[16131]: Limits: File size limit set to 10240000 bytes. 
    Feb 25 11:44:45 server clamd[16131]: Limits: Recursion level limit set to 16. 
    Feb 25 11:44:45 server clamd[16131]: Limits: Files limit set to 10000. 
    Feb 25 11:44:45 server clamd[16131]: Archive support enabled. 
    Feb 25 11:44:45 server clamd[16131]: Archive: Blocking encrypted archives. 
    Feb 25 11:44:45 server clamd[16131]: Algorithmic detection enabled. 
    Feb 25 11:44:45 server clamd[16131]: Portable Executable support enabled. 
    Feb 25 11:44:45 server clamd[16131]: ELF support enabled. 
    Feb 25 11:44:45 server clamd[16131]: Mail files support enabled. 
    Feb 25 11:44:45 server clamd[16131]: OLE2 support enabled. 
    Feb 25 11:44:45 server clamd[16131]: PDF support disabled. 
    Feb 25 11:44:45 server clamd[16131]: HTML support enabled. 
    Feb 25 11:44:45 server clamd[16131]: Self checking every 1800 seconds. 
    Feb 25 11:44:47 server zimbramon[13626]: 13626:info: Starting snmp via zmcontrol 
    Feb 25 11:44:48 server zimbramon[13626]: 13626:info: Starting spell via zmcontrol 
    Feb 25 11:44:48 server zimbramon[13626]: 13626:info: Starting mta via zmcontrol 
    Feb 25 11:45:06 server postfix/postfix-script[16739]: warning: not owned by root: /opt/zimbra/postfix-2.4.7.5z/conf/main.cf
    Feb 25 11:45:06 server postfix/postfix-script[16752]: starting the Postfix mail system
    Feb 25 11:45:06 server postfix/master[16753]: daemon started -- version 2.4.7, configuration /opt/zimbra/postfix-2.4.7.5z/conf
    Feb 25 11:45:06 server saslauthd[16761]: detach_tty      : master pid is: 16761
    Feb 25 11:45:06 server saslauthd[16761]: ipc_init        : listening on socket: /opt/zimbra/cyrus-sasl-2.1.22.3z/state/mux
    Feb 25 11:45:06 server zimbramon[13626]: 13626:info: Starting stats via zmcontrol
    Motions of a day at work -

  8. #8
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Sorry I was wrong in the command I gave you so you will need to do the following
    Code:
    su - zimbra
    zmprov mcf  -zimbraMtaRestriction "check_client_access hash: /opt/zimbra/conf/rbl_override"
    Then update /opt/zimbra/conf/postfix_recipient_restrictions.cf and add check_client_access hash: /opt/zimbra/conf/rbl_override to that file instead. Then restart ZCS.

  9. #9
    Join Date
    Jan 2008
    Location
    Germany
    Posts
    83
    Rep Power
    7

    Default

    Quote Originally Posted by uxbod View Post
    Sorry I was wrong in the command I gave you so you will need to do the following
    Code:
    su - zimbra
    zmprov mcf  -zimbraMtaRestriction "check_client_access hash: /opt/zimbra/conf/rbl_override"
    Then update /opt/zimbra/conf/postfix_recipient_restrictions.cf and add check_client_access hash: /opt/zimbra/conf/rbl_override to that file instead. Then restart ZCS.
    Maybe we are getting closer but at the moment after the edit i am getting the following:
    Code:
    ==> zimbra.log <==
    Feb 25 12:28:50 server postfix/master[29586]: warning: process /opt/zimbra/postfix/libexec/smtpd pid 31578 exit status 1
    Feb 25 12:28:50 server postfix/master[29586]: warning: /opt/zimbra/postfix/libexec/smtpd: bad command startup -- throttling
    here is the edit of "~/conf/postfix_recipient_restrictions.cf
    Code:
    reject_non_fqdn_recipient
    permit_sasl_authenticated
    permit_mynetworks
    reject_unauth_destination
    reject_unlisted_recipient
    check_client_access name: /opt/zimbra/conf/rbl_override
    %%contains VAR:zimbraMtaRestriction reject_invalid_hostname%%
    %%contains VAR:zimbraMtaRestriction reject_non_fqdn_hostname%%
    %%contains VAR:zimbraMtaRestriction reject_non_fqdn_sender%%
    %%contains VAR:zimbraMtaRestriction reject_unknown_client%%
    %%contains VAR:zimbraMtaRestriction reject_unknown_hostname%%
    %%contains VAR:zimbraMtaRestriction reject_unknown_sender_domain%%
    %%explode reject_rbl_client VAR:zimbraMtaRestrictionRBLs%%
    permit
    NOTE i changed "check_client_access Hash -> toname:"
    because if the following error:
    Code:
    ==> maillog <==
    Feb 25 12:24:16 server postfix/smtpd[26059]: fatal: open dictionary: expecting "type:name" form instead of "hash:"
    Cheers for all the help.
    Motions of a day at work -

  10. #10
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    It should be
    Code:
    check_client_access hash:/opt/zimbra/conf/rbl_override
    Basically make sure no space is between hash: and the file name.
    Last edited by uxbod; 02-25-2009 at 03:44 AM.

Similar Threads

  1. Replies: 8
    Last Post: 01-12-2012, 01:20 AM
  2. dspam logrotate errors
    By michaeln in forum Users
    Replies: 7
    Last Post: 02-19-2007, 11:45 AM
  3. huge log size
    By rmvg in forum Administrators
    Replies: 5
    Last Post: 01-02-2007, 09:39 AM
  4. svn version still won't start
    By kinaole in forum Developers
    Replies: 0
    Last Post: 10-04-2006, 06:47 AM
  5. Replies: 16
    Last Post: 09-07-2006, 06:39 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •