How about some postfix-fu?
I did this on our Open Exchange box in postfix. We are getting ready to switch over to Zimbra, so I imagine I will be doing it again real soon...
Looking at postfix on our OX box, here is what I did:
List of originating domains or users that can send to protected list
jdell@portal:/etc/postfix> cat insiders
Distribution lists that are being protected
jdell@portal:/etc/postfix> cat protected_destinations
In main.cf, you would want something like the following:
insiders_only= check_sender_access hash:/etc/postfix/insiders, reject
smtpd_recipient_restrictions= hash:/etc/postfix/protected_destinations, ...
I'm not a postfix expert, and I believe this can be spoofed by a spammer who forges the mail headers, but in 3 years, I haven't had that happen (but before I put this in place, several spams did find there way to distribution lists).
There is probably a more elegant way to do this, and now that we are discussing this, anybody else think there ought to be an admin UI that allows you to restrict?
Also, from another thread, I don't think you can edit the postfix main.cf directly, rather you need to add this to /opt/zimbra/conf/zmmta.cf
If you get this working in your Zimbra, please post your setup!