cbpolicyd

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
uxbod
Ambassador
Ambassador
Posts: 7811
Joined: Fri Sep 12, 2014 10:21 pm

cbpolicyd

Postby uxbod » Thu Feb 02, 2012 3:46 am

Is anybody using it yet ? Is it ready for prime time ? I am guessing if you have two MTAs it will need to be enabled on both; therefore for the greylisting to be effective is the SQLite3 database replicated between nodes ?


drwho18
Advanced member
Advanced member
Posts: 60
Joined: Fri Sep 12, 2014 10:33 pm

cbpolicyd

Postby drwho18 » Thu Feb 02, 2012 12:08 pm

I've been using policyd with zimbra for a few years, I just upgraded to Zimbra 7.1.4 from the 5.x.x series and used the same instance, didn't install the one that came with Zimbra, just made sure the new GUI entry for policyd was pointed at the right location.
Zimbra needs to integrate the controls for policyD into the GUI, maybe even down to the COS level type of settings. I think solutions like PolicyD should be really basic functionality in any mail system these days.
bjron.mork
Posts: 8
Joined: Sat Sep 13, 2014 2:27 am

cbpolicyd

Postby bjron.mork » Sat Feb 11, 2012 5:40 pm

Hi,
I installed Zimbra 7.1.4, and enabled the user policyd via below mentioned link.
[QUOTE][HowTo] Enabling CBPolicyD in Zimbra 7.1.1[/QUOTE]
I enabled Policyd WEBUI, but i don't see any logs being process by Policyd Server. It seems that Zimbra Server is not allowing policyd to check any of its feature:o
My Server is listening on 10031 port.
[QUOTE][root@mail ~]# netstat -natp | grep 10031

tcp 0 0 127.0.0.1:10031 0.0.0.0:* LISTEN 4450/perl[/QUOTE]


And /opt/zimbra/postfix/conf/main.cf configurations file is as below...
[QUOTE][root@mail ~]# grep restrictions /opt/zimbra/postfix/conf/main.cf

smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10031, reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_hostname, reject_non_fqdn_sender, reject_unknown_client, reject_unknown_hostname, reject_unknown_sender_domain, reject_rbl_client relays.mail-abuse.org reject_rbl_client dnsbl.njabl.org reject_rbl_client cbl.abuseat.org reject_rbl_client bl.spamcop.net reject_rbl_client sbl.spamhaus.org, permit

smtpd_data_restrictions = reject_unauth_pipelining

smtpd_sender_restrictions =

smtpd_client_restrictions = reject_unauth_pipelining

smtpd_end_of_data_restrictions = check_policy_service inet:127.0.0.1:10031[/QUOTE]
And
[QUOTE][root@mail ~]# cat /opt/zimbra/conf/postfix_recipient_restrictions.cf

%%contains VAR:zimbraServiceEnabled cbpolicyd, check_policy_service inet:127.0.0.1:10031%%

reject_non_fqdn_recipient

permit_sasl_authenticated

permit_mynetworks

reject_unauth_destination

reject_unlisted_recipient

%%contains VAR:zimbraMtaRestriction reject_invalid_hostname%%

%%contains VAR:zimbraMtaRestriction reject_non_fqdn_hostname%%

%%contains VAR:zimbraMtaRestriction reject_non_fqdn_sender%%

%%contains VAR:zimbraMtaRestriction reject_unknown_client%%

%%contains VAR:zimbraMtaRestriction reject_unknown_hostname%%

%%contains VAR:zimbraMtaRestriction reject_unknown_sender_domain%%

%%explode reject_rbl_client VAR:zimbraMtaRestrictionRBLs%%

%%contains VAR:zimbraMtaRestriction check_policy_service unix:private/policy%%

permit[/QUOTE]
Any clue to enable cbpolicyd will be appreciated.
Regards

B~Mork.

cbpolicyd.png

bjron.mork
Posts: 8
Joined: Sat Sep 13, 2014 2:27 am

cbpolicyd

Postby bjron.mork » Tue Feb 14, 2012 2:40 am

Can anyone please help. Its much critical for me before moving to production environment.
My requirements are:
(1) Each User should not be able to send 200 emails per day (based on user@domain.com)

(2) Each user should not send more than 50MB attachment
Can this be achieved through zimbra only????????
I have to ensure these limits within zimbra or either using policyd.
Please help.
User avatar
quanah
Zimbra Alumni
Zimbra Alumni
Posts: 1668
Joined: Fri Sep 12, 2014 10:33 pm
Contact:

cbpolicyd

Postby quanah » Sat Apr 20, 2013 8:42 pm

Read http://wiki.zimbra.com/wiki/Postfix_Policydfor the using policyd with Zimbra 7 and later.
--
Quanah Gibson-Mount
Product Architect, Symas http://www.symas.com/
OpenLDAP Core team http://www.openldap.org/project/

Return to “Administrators”

Who is online

Users browsing this forum: Ace Suares and 12 guests