 Anyone looking to do the same thing, this is what we did
Anyone looking to do the same thing, this is what we did
reject_non_fqdn_recipient
permit_sasl_authenticated
hash:/opt/zimbra/postfix/conf/accessFile // add this to /opt/zimbra/conf/postfix_recipient_restrictions.cf
permit_mynetworks
%%contains VAR:zimbraMtaRestriction reject_invalid_hostname%%
%%contains VAR:zimbraMtaRestriction reject_non_fqdn_hostname%%
%%contains VAR:zimbraMtaRestriction reject_non_fqdn_sender%%
%%contains VAR:zimbraMtaRestriction reject_unknown_client%%
%%contains VAR:zimbraMtaRestriction reject_unknown_hostname%%
%%contains VAR:zimbraMtaRestriction reject_unknown_sender_domain%%
%%contains VAR:zimbraMtaRestriction reject_rbl_client dnsbl.njabl.org%%
%%contains VAR:zimbraMtaRestriction reject_rbl_client opm.blitzed.org%%
%%contains VAR:zimbraMtaRestriction reject_rbl_client relays.ordb.org%%
%%contains VAR:zimbraMtaRestriction reject_rbl_client cbl.abuseat.org%%
%%contains VAR:zimbraMtaRestriction reject_rbl_client bl.spamcop.net%%
%%contains VAR:zimbraMtaRestriction reject_rbl_client dnsbl.sorbs.net%%
%%contains VAR:zimbraMtaRestriction reject_rbl_client sbl.spamhaus.org%%
%%contains VAR:zimbraMtaRestriction reject_rbl_client relays.mail-abuse.org%%
reject_unauth_destination
permit
in /opt/zimbra/postfix/conf/main.cf modify to include:
smtpd_client_restrictions = hash:/opt/zimbra/postfix/conf/accessFile, reject_unauth_pipelining
smptd_sender_restrictions = hash:/opt/zimbra/postfix/conf/accessFile
then create
/opt/zimbra/postfix/conf/accessFile
net reject
com reject
org reject
hotmail.com OK // This will reject all email from any .com, .org, or .net domain but allow hotmail.com
remember to compile the /opt/zimbra/postfix/conf/accessFile with postmap.  |