Results 1 to 10 of 10

Thread: [SOLVED] Applying RBL List

Hybrid View

  1. #1
    Join Date
    Jan 2008
    Location
    Columbia City IN
    Posts
    68
    Rep Power
    7

    Unhappy [SOLVED] Applying RBL List

    I think I may be missing something basic here on getting the RBL I put in to work.
    Yesterday put in:
    Code:
    zmprov mcf +zimbraMtaRestriction "reject_rbl_client b.barracuracentral.org"
    Verified input by doing:
    Code:
    zimbra:~ # su zimbra
    zimbra@zimbra:/root> zmprov gacf | grep zimbraMtaRestriction
    zimbraMtaRestriction: reject_invalid_hostname
    zimbraMtaRestriction: reject_non_fqdn_sender
    zimbraMtaRestriction: reject_rbl_client b.barracudacentral.org
    zimbra@zimbra:/root>
    Then did
    Code:
    postfix reload
    zmcontrol stop
    zmcontrol start
    However after 24 hours when I check to see if anything was blocked by the RBL I get:
    Code:
    zimbra:~ # /usr/local/sbin/dnsblcount /var/log/zimbra.log
    =================================
    Total DNSBL rejections:
    zimbra:~ #
    and in /opt/zimbra/postfix/conf/main.cf nor when I do a 'postconf -n' I do not see my RBL listing:
    Code:
    zimbra:~ # postconf -n
    alias_maps = hash:/etc/aliases
    biff = no
    canonical_maps = hash:/etc/postfix/canonical
    command_directory = /usr/sbin
    config_directory = /etc/postfix
    daemon_directory = /usr/lib/postfix
    debug_peer_level = 2
    defer_transports =
    disable_dns_lookups = no
    disable_mime_output_conversion = no
    html_directory = /usr/share/doc/packages/postfix/html
    inet_interfaces = 127.0.0.1
    inet_protocols = all
    mail_owner = postfix
    mail_spool_directory = /var/mail
    mailbox_command =
    mailbox_size_limit = 0
    mailbox_transport =
    mailq_path = /usr/bin/mailq
    manpage_directory = /usr/share/man
    masquerade_classes = envelope_sender, header_sender, header_recipient
    masquerade_domains =
    masquerade_exceptions = root
    message_size_limit = 10240000
    mydestination = $myhostname, localhost.$mydomain
    myhostname = zimbra.r8esc.k12.in.us
    mynetworks_style = subnet
    newaliases_path = /usr/bin/newaliases
    queue_directory = /var/spool/postfix
    readme_directory = /usr/share/doc/packages/postfix/README_FILES
    relayhost =
    relocated_maps = hash:/etc/postfix/relocated
    sample_directory = /usr/share/doc/packages/postfix/samples
    sender_canonical_maps = hash:/etc/postfix/sender_canonical
    sendmail_path = /usr/sbin/sendmail
    setgid_group = maildrop
    smtp_sasl_auth_enable = no
    smtp_use_tls = no
    smtpd_client_restrictions =
    smtpd_helo_required = no
    smtpd_helo_restrictions =
    smtpd_recipient_restrictions = permit_mynetworks,reject_unauth_destination
    smtpd_sasl_auth_enable = no
    smtpd_sender_restrictions = hash:/etc/postfix/access
    smtpd_use_tls = no
    strict_8bitmime = no
    strict_rfc821_envelopes = no
    transport_maps = hash:/etc/postfix/transport
    unknown_local_recipient_reject_code = 550
    virtual_alias_domains = hash:/etc/postfix/virtual
    virtual_alias_maps = hash:/etc/postfix/virtual
    My main.cf file:
    Code:
    sender_canonical_maps = ldap:/opt/zimbra/conf/ldap-scm.cf
    virtual_alias_domains = ldap:/opt/zimbra/conf/ldap-vad.cf
    lmtp_connection_cache_time_limit = 4s
    recipient_delimiter = 
    smtpd_tls_cert_file = /opt/zimbra/conf/smtpd.crt
    smtpd_tls_auth_only = yes
    myhostname = zimbra.r8esc.k12.in.us
    virtual_mailbox_domains = ldap:/opt/zimbra/conf/ldap-vmd.cf
    mydestination = localhost
    mailbox_size_limit = 0
    setgid_group = postdrop
    smtpd_client_restrictions = reject_unauth_pipelining
    queue_run_delay = 300s
    minimal_backoff_time = 300s
    virtual_alias_maps = ldap:/opt/zimbra/conf/ldap-vam.cf
    transport_maps = ldap:/opt/zimbra/conf/ldap-transport.cf
    message_size_limit = 51200000
    sendmail_path = /opt/zimbra/postfix/sbin/sendmail
    broken_sasl_auth_clients = yes
    lmtp_connection_cache_destinations = 
    alias_maps = hash:/etc/aliases
    manpage_directory = /opt/zimbra/postfix/man
    smtpd_helo_required = yes
    in_flow_delay = 1s
    daemon_directory = /opt/zimbra/postfix/libexec
    maximal_backoff_time = 4000s
    virtual_transport = error
    mynetworks = 127.0.0.0/8 192.168.1.0/24 
    smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_sender, permit
    smtpd_tls_loglevel = 1
    relayhost = 
    disable_dns_lookups = no
    mail_owner = postfix
    virtual_mailbox_maps = ldap:/opt/zimbra/conf/ldap-vmm.cf
    content_filter = smtp-amavis:[127.0.0.1]:10024
    version = 2.4.7.5z
    mailq_path = /opt/zimbra/postfix/sbin/mailq
    header_checks = pcre:/opt/zimbra/conf/postfix_header_checks
    smtpd_use_tls = yes
    queue_directory = /opt/zimbra/data/postfix/spool
    newaliases_path = /opt/zimbra/postfix/sbin/newaliases
    smtpd_reject_unlisted_recipient = no
    smtpd_data_restrictions = reject_unauth_pipelining
    local_header_rewrite_clients = permit_mynetworks,permit_sasl_authenticated
    smtpd_tls_key_file = /opt/zimbra/conf/smtpd.key
    command_directory = /opt/zimbra/postfix/sbin
    smtpd_sasl_auth_enable = yes
    Am I missing some very basic to get this RBL to work or do i just need to wait to see any RBL hits?
    Last edited by r8escjohn; 03-10-2009 at 09:58 AM. Reason: changed postfix to postconf....

  2. #2
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Check /var/log/zimbra.log after you restart for any error messages. Have just checked my server and I get
    Code:
    [zimbra@office conf]$ zmprov gcf zimbraMtaRestriction
    zimbraMtaRestriction: reject_invalid_hostname
    zimbraMtaRestriction: reject_non_fqdn_sender
    zimbraMtaRestriction: reject_rbl_client b.barracudacentral.org
    zimbraMtaRestriction: reject_rbl_client zen.spamhaus.org
    and for main.cf
    Code:
    smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_sender, reject_rbl_client b.barracudacentral.org, reject_rbl_client zen.spamhaus.org, permit

  3. #3
    Join Date
    Jan 2008
    Location
    Columbia City IN
    Posts
    68
    Rep Power
    7

    Default

    Hmm....This is intresting...
    Mar 10 12:01:41 zimbra postfix/postfix-script[26559]: warning: not owned by root: /opt/zimbra/postfix-2.4.7.5z/conf/main.cf
    Mar 10 12:01:42 zimbra postfix/postfix-script[26583]: starting the Postfix mail system
    Other that that I find this that stands out...
    Mar 10 12:01:00 zimbra zmmailboxdmgr[25857]: file /opt/zimbra/log/zmmailboxd_manager.pid does not exist
    Are these what I need to be looking at more closely, or some other direction?
    Thanks!

  4. #4
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Can you check your config again using zmprov and then perform a stop/start of ZCS. As soon as it has started check /var/log/zimbra.log for any error messages. What are the permissions on /opt/zimbra/conf/main.cf* ?

  5. #5
    Join Date
    Jan 2008
    Location
    Columbia City IN
    Posts
    68
    Rep Power
    7

    Default

    Thought I had a fix by changing my main.cf rights from zimbra/zimbra (which it was/is and I am assuming that is incorrect) to root/postfix. No go as on restart of Zimbra (zmcontrol stop/start) the rights of /opt/zimbra/postfix/main.cf changed back to zimbra/zimbra....:-<

    Current zmprov:
    zimbra@zimbra:/root> zmprov gacf | grep zimbraMtaRestriction
    zimbraMtaRestriction: reject_invalid_hostname
    zimbraMtaRestriction: reject_non_fqdn_sender
    zimbraMtaRestriction: reject_rbl_client b.barracudacentral.org
    Set ownership of main.cf
    -rw-r--r-- 1 root postfix 2112 Mar 11 14:34 main.cf
    Current ownership of the main.cf-after Zimbra start/stop.....
    -rw-r--r-- 1 zimbra zimbra 2112 Mar 11 14:41 main.cf
    I am thinking this is my issue that main.cf is owned by zimbra and not root as in my zimbra.log I still show this error:
    Mar 11 14:41:15 zimbra postfix/postfix-script[14665]: warning: not owned by root: /opt/zimbra/postfix-2.4.7.5z/conf/main.cf
    And in my main.cf it does not list my RBL in the 'smtpd_recipient_restrictions'
    Last edited by r8escjohn; 03-11-2009 at 12:10 PM. Reason: current main.cf file comment

  6. #6
    Join Date
    Dec 2007
    Location
    Ypsilanti, MI
    Posts
    145
    Rep Power
    7

    Default

    Quote Originally Posted by r8escjohn View Post
    Thought I had a fix by changing my main.cf rights from zimbra/zimbra (which it was/is and I am assuming that is incorrect) to root/postfix. No go as on restart of Zimbra (zmcontrol stop/start) the rights of /opt/zimbra/postfix/main.cf changed back to zimbra/zimbra....:-<

    Current zmprov:


    Set ownership of main.cf


    Current ownership of the main.cf-after Zimbra start/stop.....


    I am thinking this is my issue that main.cf is owned by zimbra and not root as in my zimbra.log I still show this error:


    And in my main.cf it does not list my RBL in the 'smtpd_recipient_restrictions'
    That "error" is normal and can be ignored. It's certainly not the cause of your problems. What does your /opt/zimbra/conf/postfix_recipient_restrictions.cf look like?

    You could also try the following:

    Code:
    zimbra@mail:~> zmprov mcf zimbraMtaRestrictionRBLs b.barracudacentral.org
    zimbra@mail:~> zmmtactl stop
    zimbra@mail:~> zmmtactl start

  7. #7
    Join Date
    Jan 2008
    Location
    Columbia City IN
    Posts
    68
    Rep Power
    7

    Default

    Brillant!
    While running the
    zimbra@mail:~> zmprov mcf zimbraMtaRestrictionRBLs b.barracudacentral.org
    gave me an
    zimbra@zimbra:~/postfix/conf> zmprov mcf zimbraMtaRestrictionRBLs b.barracudacentral.org
    ERROR: account.INVALID_ATTR_NAME (invalid attr name: [LDAP: error code 17 - zimbraMtaRestrictionRBLs: attribute type undefined])
    I was able to manually edit the /opt/zimbra/conf/postfix_recipient_restrictions.cf file and add 'reject_rbl_client b.barracudacentral.org' listing, do a quick 'zmmtactl stop'/'start' and we are golden! After only about 5 minutes I have:
    zimbra:/opt/zimbra/postfix/conf # /usr/local/sbin/dnsblcount /var/log/zimbra.log
    b.barracudacentral.org 40
    =================================
    Total DNSBL rejections: 40
    Woo Hoo!
    Now manualy editing that 'postfix_recipient_restrictions.cf' file was probally a no-no, but at this point it woked for me.
    I will continue to monitor but so far so good!

  8. #8
    Join Date
    Dec 2007
    Location
    Ypsilanti, MI
    Posts
    145
    Rep Power
    7

    Smile

    Quote Originally Posted by r8escjohn View Post
    Brillant!
    While running the

    gave me an

    I was able to manually edit the /opt/zimbra/conf/postfix_recipient_restrictions.cf file and add 'reject_rbl_client b.barracudacentral.org' listing, do a quick 'zmmtactl stop'/'start' and we are golden! After only about 5 minutes I have:

    Woo Hoo!
    Now manualy editing that 'postfix_recipient_restrictions.cf' file was probally a no-no, but at this point it woked for me.
    I will continue to monitor but so far so good!
    The addition of zimbraMtaRestrictionRBLs must have been more recent than the 5.0.6 version of ZCS you're using. Seeing as that is now working for you, I wouldn't worry about it being in the postfix_recipient_restrictions.cf file. But if you ever want to remove it, you'll have to remember to remove it from that file since removing it from zimbraMtaRetrictions won't have any affect. In any event, I'm glad this got you going!

  9. #9
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    I would highly recommend upgrading then! Am glad all is working though Very odd IMHO as that is a standard part of Postfix

  10. #10
    Join Date
    Nov 2007
    Location
    INDIA
    Posts
    65
    Rep Power
    7

    Default thanks

    Quote Originally Posted by uxbod View Post
    I would highly recommend upgrading then! Am glad all is working though Very odd IMHO as that is a standard part of Postfix
    thanks thanks thanks
    Yukari !!!!
    +91 982 503 9118
    -----------------------------
    Release 6.0.2_GA_1912.RHEL5_64_20091020161509RHEL5_64 FOSS edition.

Similar Threads

  1. [SOLVED] Sudden problem synching with gmail
    By bouchardpie in forum Error Reports
    Replies: 8
    Last Post: 09-09-2010, 09:50 AM
  2. Exchange/Imap errors
    By pmibal in forum General Questions
    Replies: 4
    Last Post: 09-23-2009, 11:46 AM
  3. Error using Zimbra Desktop with all folders
    By randhirv in forum Error Reports
    Replies: 3
    Last Post: 01-24-2009, 12:01 AM
  4. Problem syncing all folders
    By mark_the_chain in forum Error Reports
    Replies: 0
    Last Post: 11-23-2008, 03:59 PM
  5. E61i IMAP sync - old bug back again?
    By matt_b in forum Zimbra Mobile
    Replies: 7
    Last Post: 08-10-2008, 02:38 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •