Page 3 of 3 FirstFirst 123
Results 21 to 30 of 30

Thread: how to block all mails coming from that particular email address.

  1. #21
    ArcaneMagus's Avatar
    ArcaneMagus is offline Moderator
    Join Date
    Feb 2007
    Location
    Portland, OR
    Posts
    1,147
    Rep Power
    10

    Default

    That will work. There is a script that runs that will update config files to implement changes in their respective .in files. This is run on startup automatically. If you want to do this without shutting down the server you can dig around and find out what script updates this and then restart the service you were working on the config file for... however it is much easier to simply put your changes in the .in file and then restart the entire Zimbra service.

  2. #22
    nskmdu is offline Senior Member
    Join Date
    Jun 2008
    Posts
    62
    Rep Power
    7

    Default

    hi Jbrabander

    yes you are correct.

  3. #23
    Jbrabander's Avatar
    Jbrabander is offline Elite Member
    Join Date
    May 2008
    Location
    Park City, KS
    Posts
    342
    Rep Power
    7

    Default Success!

    I got a chance to restart Zimbra finally. I verified that the blacklisted items I added to the salocal.cf.in did in fact copy over to the salocal.cf file. I guess we'll wait and see what happens now!

    Say, does anyone know...if an item hits the blacklist, does that make a note in a log file anywhere? If so, which log?

  4. #24
    frankman is offline Senior Member
    Join Date
    Apr 2008
    Posts
    69
    Rep Power
    7

    Thumbs up A better solution to block all mails for that particular email address(es)

    Quote Originally Posted by Jbrabander View Post
    Say, does anyone know...if an item hits the blacklist, does that make a note in a log file anywhere? If so, which log?
    Check your /var/log/zimbra.log.


    The solution of editting of the salocal.cf file sets spamassassin to blacklist email addresses.

    A better solution is where the email for particular email addresses can get rejected at the postfix level, so it doesn't have to go through the other stuff (spamassassin, amavis, etc.) and saves on memory and cpu usage. Here is my improved solution:

    Step 1: Edit main.cf
    su - zimbra
    cd /opt/zimbra/postfix/conf
    vi main.cf
    Step 2: Modify the "smtpd_recipient_restrictions". Don't edit /opt/zimbra/postfix/conf/main.cf because it gets overwritten.. Add "check_recipient_access hash:<path and file name>" option for the blacklisted destination addresses to /opt/zimbra/conf/postfix_recipient_restrictions.cf:
    vi postfix_recipient_restrictions.cf
    reject_non_fqdn_recipient
    permit_sasl_authenticated
    permit_mynetworks
    reject_unauth_destination
    reject_unlisted_recipient
    &#37;%contains VAR:zimbraMtaRestriction reject_invalid_hostname%%
    %%contains VAR:zimbraMtaRestriction reject_non_fqdn_hostname%%
    %%contains VAR:zimbraMtaRestriction reject_non_fqdn_sender%%
    %%contains VAR:zimbraMtaRestriction reject_unknown_client%%
    %%contains VAR:zimbraMtaRestriction reject_unknown_hostname%%
    %%contains VAR:zimbraMtaRestriction reject_unknown_sender_domain%%
    %%contains VAR:zimbraMtaRestriction reject_rbl_client dnsbl.njabl.org%%
    %%contains VAR:zimbraMtaRestriction reject_rbl_client cbl.abuseat.org%%
    %%contains VAR:zimbraMtaRestriction reject_rbl_client bl.spamcop.net%%
    %%contains VAR:zimbraMtaRestriction reject_rbl_client sbl.spamhaus.org%%
    %%contains VAR:zimbraMtaRestriction reject_rbl_client xbl.spamhaus.org%%
    %%contains VAR:zimbraMtaRestriction reject_rbl_client sbl-xbl.spamhaus.org%%
    %%contains VAR:zimbraMtaRestriction reject_rbl_client relays.mail-abuse.org%%
    check_recipient_access hash:/opt/zimbra/postfix/conf/blacklist_clients
    permit
    Step 3: Create the blacklist for email to reject with the email destinations listed:
    vi /opt/zimbra/postfix/conf/blacklist_clients
    Note: The blacklist_clients (can be named anything, just keep it consistent with what you put in main.cf) contains: (my domain info replaced with example.com)

    Step 4: Then create the postfix db:
    postmap /opt/zimbra/postfix/conf/blacklist_clients
    That's it. No restart needed. Zimbra (Postfix) took it pretty much immediately. Emails to those destinations will be rejected and dropped. Per /var/log/zimbra.log (my domain info removed):
    Feb 8 23:32:16 power postfix/smtpd[2530]: NOQUEUE: reject: RCPT from unknown[91.151.82.113]: 554 5.7.1 <eebec@example.com>: Recipient address rejected: Access denied; from=<whatever@doesntmatter.com> to=<eebec@example.com> proto=SMTP helo=<net91-151-82-ip113.gigabit.web.tr>
    Someone could add that solution to Improving Anti-spam system - Zimbra :: Wiki wiki. I tried to, but could not. I created an account in the wiki and after that, Main Page - Zimbra :: Wiki just comes up as a blank page.

    I like this solution much better. No spamassassin and no amavis used, so less memory and cpu used and is much faster to reject it. I have a legacy catch-all account which I still need. There are 60 non-existent addresses that the spammers target making up ~99% (pulled number out of the air, but that feels about right) of the spam I receive.
    Last edited by frankman; 02-11-2009 at 01:59 PM. Reason: Fixed Step 2: /opt/zimbra/postfix/conf/main.cf gets overwritten. Edit /opt/zimbra/conf/postfix_recipient_restrictions.cf

  5. #25
    ArcaneMagus's Avatar
    ArcaneMagus is offline Moderator
    Join Date
    Feb 2007
    Location
    Portland, OR
    Posts
    1,147
    Rep Power
    10

    Default

    Quote Originally Posted by frankman View Post
    Feb 8 23:32:16 power postfix/smtpd[2530]: NOQUEUE: reject: RCPT from unknown[91.151.82.113]: 554 5.7.1 <eebec@example.com>: Recipient address rejected: Access denied; from=<whatever@doesntmatter.com> to=<eebec@example.com> proto=SMTP helo=<net91-151-82-ip113.gigabit.web.tr>
    frankman it looks like you are trying to block invalid local accounts, in other words accounts that don't exist...postfix already does this for you before a message gets to any further processing so from what I can see your blocklist is already done automatically...
    Here is an example of a mail to an invalid account being rejected:
    Feb 2 11:04:57 email postfix/smtpd[1130]: NOQUEUE: reject: RCPT from mail1.kmpsgroupmail.com[216.17.37.142]: 550 5.1.1 <FJROJAS@example.com>: Recipient address rejected: example.com; from=<bounce_41276790-146973@kmpsgroupbounce.com> to=<FJROJAS@example.com> proto=ESMTP helo=<mail1.kmpsgroupmail.com>

  6. #26
    frankman is offline Senior Member
    Join Date
    Apr 2008
    Posts
    69
    Rep Power
    7

    Default

    Quote Originally Posted by ArcaneMagus View Post
    frankman it looks like you are trying to block invalid local accounts, in other words accounts that don't exist...postfix already does this for you before a message gets to any further processing so from what I can see your blocklist is already done automatically...
    Thanks for the reply!

    I should have mentioned (like in another thread), but because of legacy reasons, I have a catch-all account and am in the process of getting rid of it.

    Since the vast majority of the spam I get are repeatedly addressed to those ~60 addresses for the past few years, the above solution works for me... for now.

  7. #27
    Blinkiz is offline Senior Member
    Join Date
    Sep 2008
    Location
    Stockholm, Sweden
    Posts
    55
    Rep Power
    6

    Default

    Thank you frankman for the solution above.
    Just wanted to let everyone know how this can be done with Zimbra 6.0.6+

    All commands below is run as the zimbra user

    Edit /opt/zimbra/conf/postfix_recipient_restrictions.cf and add this just before the permit line:
    Code:
    check_recipient_access hash:/opt/zimbra/conf/blacklist_clients
    I make no guarantee that this will stick. Zimbra will probably just replace this one if you make changes in your zimbra admin gui. If someone know a better place to put this line, post a reply.

    Then create /opt/zimbra/conf/blacklist_clients and put every address you want to block on it's own row. If you want the sender to know about your block, use REJECT. If not, use DISCARD.
    Code:
    libtorrent@mydomain.com DISCARD
    registerflywhois@mydomain.com REJECT
    Finally run postmap:
    Code:
    postmap /opt/zimbra/conf/blacklist_clients
    Oh, you probably need to do a "postfix reload" after you have edited postfix_recipient_restrictions.cf.

  8. #28
    Blinkiz is offline Senior Member
    Join Date
    Sep 2008
    Location
    Stockholm, Sweden
    Posts
    55
    Rep Power
    6

    Default

    My above trick to blacklist some email addresses, does not work as of Zimbra 7.0.0. Suggestions?

  9. #29
    thcassio is offline Member
    Join Date
    Jun 2012
    Posts
    13
    Rep Power
    3

    Default

    Nice thread, now how do I blacklist outgoing addresses please?

  10. #30
    azad_ranjeet is offline Intermediate Member
    Join Date
    Jun 2012
    Location
    Delhi
    Posts
    18
    Rep Power
    3

    Default

    Blacklists and Whitelists
    edit your /opt/zimbra/conf/salocal.cf.in file
    Desc:-The simplest filtering methods for spamassasin are the blacklist and whitelist. Blacklist entries block all email from an
    address or domain, and whitelist entries bypass all filtering for an address or domain. To add blackist or whitelist entries to
    your salocal.cf.in file, simply add lines in the following format:
    blacklist_from shyam.sharma@sysnetglobal.com
    whitelist_from bill@yahoo.net
    blacklist_from *@hp.com
    Note that * is a wildcard. In this example *@hp.com indicates all email from any user at hp.com
    When you are finished editing the salocal.cf.in file, restart Zimbra spamassassin by issuing the following command at the
    server prompt (as the zimbra user):
    zmmtactl restart && zmamavisdctl restart

Page 3 of 3 FirstFirst 123

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Can't change outgoing email address
    By albanach in forum Zimbra Connector for Outlook
    Replies: 3
    Last Post: 02-06-2008, 12:09 PM
  2. Change Install Admin Email Address
    By soxfan in forum Administrators
    Replies: 4
    Last Post: 11-01-2007, 04:10 AM
  3. need advice on configuring zimbra to work with fax server
    By pheonix1t in forum Administrators
    Replies: 0
    Last Post: 07-11-2007, 07:46 PM
  4. upgrade to 4.0.3 antispam does'nt work
    By lucanannipieri in forum Administrators
    Replies: 14
    Last Post: 11-07-2006, 03:56 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •