Results 1 to 2 of 2

Thread: PolicyD v2 doesn't work with Zimbra

Hybrid View

  1. #1
    Join Date
    May 2007
    Location
    Indonesia
    Posts
    149
    Rep Power
    10

    Default PolicyD v2 doesn't work with Zimbra

    Hi,

    I'm implementing ClueBringer Policyd with Zimbra 6.0.10 on SLES 11 SP1 64 bit. Policyd service was running without problem :

    # ps ax | grep policyd
    20437 ? Ss 0:00 /usr/bin/perl /usr/sbin/cbpolicyd --config /etc/policyd/cluebringer.conf
    20438 ? S 0:00 /usr/bin/perl /usr/sbin/cbpolicyd --config /etc/policyd/cluebringer.conf
    20439 ? S 0:00 /usr/bin/perl /usr/sbin/cbpolicyd --config /etc/policyd/cluebringer.conf
    20440 ? S 0:00 /usr/bin/perl /usr/sbin/cbpolicyd --config /etc/policyd/cluebringer.conf
    20452 ? S 0:00 /usr/bin/perl /usr/sbin/cbpolicyd --config /etc/policyd/cluebringer.conf
    20465 pts/1 S+ 0:00 grep policyd
    # netstat -pln | grep :10031
    tcp 0 0 0.0.0.0:10031 0.0.0.0:* LISTEN 20437/perl
    But it seems that Policyd doesn't correctly integrating with Zimbra. Below is my configuration and log :

    /opt/zimbra/postfix/conf/main.cf
    Code:
    smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_sender, reject_rbl_client dnsbl.njabl.org, reject_rbl_client opm.blitzed.org, reject_rbl_client cbl.abuseat.org, reject_rbl_client bl.spamcop.net, check_policy_service inet:127.0.0.1:10031, permit
    ..
    ..
    smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031
    /opt/zimbra/conf/postfix_recipient_restrictions.cf
    Code:
    reject_non_fqdn_recipient
    permit_sasl_authenticated
    permit_mynetworks
    reject_unauth_destination
    reject_unlisted_recipient
    %%contains VAR:zimbraMtaRestriction reject_invalid_hostname%%
    %%contains VAR:zimbraMtaRestriction reject_non_fqdn_hostname%%
    %%contains VAR:zimbraMtaRestriction reject_non_fqdn_sender%%
    %%contains VAR:zimbraMtaRestriction reject_unknown_client%%
    %%contains VAR:zimbraMtaRestriction reject_unknown_hostname%%
    %%contains VAR:zimbraMtaRestriction reject_unknown_sender_domain%%
    %%explode reject_rbl_client VAR:zimbraMtaRestrictionRBLs%%
    %%contains VAR:zimbraMtaRestriction check_policy_service unix:private/policy%%
    %%contains VAR:zimbraMtaRestriction check_policy_service inet:127.0.0.1:10031%%
    permit
    I'm sending mail with Thunderbird both with port 465 (TLS) or 25 (via trusted network) but Zimbra seems to bypassing policyd

    /var/log/zimbra.log
    Jan 27 20:31:49 mail postfix/smtpd[30165]: connect from unknown[118.xxx.xx.xxx]
    Jan 27 20:31:49 mail postfix/smtpd[30165]: 7A8AE1C227C: client=unknown[118.xxx.xx.xxx]
    Jan 27 20:31:49 mail postfix/cleanup[30168]: 7A8AE1C227C: message-id=<4D4173CB.2060106@vavai.com>
    Jan 27 13:31:49 mail postfix/qmgr[6801]: 7A8AE1C227C: from=<admin@vavai.com>, size=604, nrcpt=1 (queue active)
    Jan 27 20:31:49 mail postfix/smtpd[30165]: disconnect from unknown[118.xxx.xx.xxx]
    Jan 27 20:31:49 mail amavis[5766]: (05766-01) ESMTP::10024 /opt/zimbra/data/amavisd/tmp/amavis-20110127T203149-05766: <admin@vavai.com> -> <admin@vavai.com> SIZE=604 Received: from mail.vavai.com ([127.0.0.1]) by localhost (mail.vavai.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP for <admin@vavai.com>; Thu, 27 Jan 2011 20:31:49 +0700 (WIT)
    Jan 27 20:31:49 mail amavis[5766]: (05766-01) Checking: hzuuEY1QBzGP [118.xxx.xx.xxx] <admin@vavai.com> -> <admin@vavai.com>
    Jan 27 20:31:51 mail postfix/smtpd[30498]: connect from localhost[127.0.0.1]
    Jan 27 20:31:51 mail postfix/smtpd[30498]: 9E6E51C227F: client=localhost[127.0.0.1]
    Jan 27 20:31:51 mail postfix/cleanup[30168]: 9E6E51C227F: message-id=<4D4173CB.2060106@vavai.com>
    Jan 27 13:31:51 mail postfix/qmgr[6801]: 9E6E51C227F: from=<admin@vavai.com>, size=1220, nrcpt=1 (queue active)
    Jan 27 20:31:51 mail amavis[5766]: (05766-01) FWD via SMTP: <admin@vavai.com> -> <admin@vavai.com>,BODY=7BIT 250 2.0.0 Ok, id=05766-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9E6E51C227F
    Jan 27 20:31:51 mail amavis[5766]: (05766-01) Passed CLEAN, [118.xxx.xx.xxx] [118.xxx.xx.xxx] <admin@vavai.com> -> <admin@vavai.com>, Message-ID: <4D4173CB.2060106@vavai.com>, mail_id: hzuuEY1QBzGP, Hits: -2.899, size: 603, queued_as: 9E6E51C227F, 2089 ms
    Jan 27 20:31:51 mail postfix/smtp[30483]: 7A8AE1C227C: to=<admin@vavai.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=2.3, delays=0.16/0/0.02/2.1, dsn=2.0.0, status=sent (250 2.0.0 Ok, id=05766-01, from MTA([127.0.0.1]:10025): 250 2.0.0 Ok: queued as 9E6E51C227F)
    Jan 27 13:31:51 mail postfix/qmgr[6801]: 7A8AE1C227C: removed
    Jan 27 20:31:51 mail amavis[5766]: (05766-01) extra modules loaded: /opt/zimbra/zimbramon/lib/x86_64-linux-thread-multi/auto/Net/SSLeay/autosplit.ix, /opt/zimbra/zimbramon/lib/x86_64-linux-thread-multi/auto/Net/SSLeay/randomize.al, IO/Socket/SSL.pm, Net/LDAP/Extension.pm, Net/SSLeay.pm
    Jan 27 20:31:51 mail postfix/lmtp[30488]: 9E6E51C227F: to=<admin@vavai.com>, relay=mail.vavai.com[192.168.10.1]:7025, delay=0.2, delays=0.05/0.01/0.01/0.13, dsn=2.1.5, status=sent (250 2.1.5 Delivery OK)
    Jan 27 13:31:51 mail postfix/qmgr[6801]: 9E6E51C227F: removed
    I didn't see any log regarding policyd and I could not applying rate-limit sending because Zimbra doesn't connect at all into policyd.

    Any help appreciated.

    Noted : I know Zimbra 7.0.0 will be integrating Cluebringer policyd as anti spam services but I would like to know the root of problem and want to implement it onto Zimbra 6.x.x
    Best Regards
    ---
    Masim "Vavai" Sugianto
    Zimbra Tutorial
    Personal Blog [ID]

    Release 8.0.6_GA_5922.SLES11_64_20131203103702 SLES11_64 FOSS edition.

  2. #2
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,285
    Rep Power
    12

    Default

    Policyd instructions are at Postfix Policyd - Zimbra :: Wiki
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

Similar Threads

  1. Zimbra 8.0.1 Policyd
    By niam in forum Administrators
    Replies: 5
    Last Post: 12-24-2013, 02:40 AM
  2. How to install policyd
    By blueflametuna in forum Administrators
    Replies: 7
    Last Post: 04-20-2013, 06:43 PM
  3. installing policyd on zimbra 7.0
    By rajeshkodali in forum Administrators
    Replies: 3
    Last Post: 04-20-2013, 06:43 PM
  4. Policyd Web
    By jose.cortina in forum Administrators
    Replies: 0
    Last Post: 04-24-2012, 03:04 PM
  5. about zimbra and policyd installation
    By prasenjitbehera in forum General Questions
    Replies: 0
    Last Post: 09-18-2008, 11:14 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •