A couple of question about gal and customizations

[sengo]

Hello everyone: I'm giving Zimbra a try for my company and I have a couple of doubts.
I configured active directory authentication and gal to only use AD.

If I write a new mail I can browse the Gal and see all the users with a valid mail specified in AD. But if I try to add a new user in AD it doesn't show up in the GAL in Zimbra.

Another question is what exactly are the information that zimbra imports from AD? It's only for authentication or the information specified in AD override the ones in Zimbra? (e.g. display name).

I see Zimbra uses postfix and amavis: any chances to make modification directly to their config files?
I would like to implement pre-queue mail filtering with milters and spf.
Modifying the config files is gonna break the toy or what?

Thanks in advance

Cristian

[Rich Graves]

GAL lookups are cached. To dump the cache, I think it's zmprov flushcache domain example.com. Run zmprov interactively for help.

Note that there could be some replication lag among your DCs, too. And your new AD user needs an email address entered in AD.

AD displayname et al will override the locally entered displaname.

You might not need to do any config file hacking. You can add milters and RBLs with zmlocalcomfig/zmprov. See the release notes. Extra spamassassin rules can be placed in /opt/zimbra/conf/sppamassassin/local-extra.cf. Additional (as opposed to modified) spamassassin .cf files will survive upgrades.

If you must hack, any unsupported changes to postfix and amavisd config files will be lost at daemon restart. Changes to the .in files might last until the next upgrade, but you're better off stating here SPECIFICALLY what customizations you'd like to make, so that we can suggest a more supported way, talk you out of it, or file an RFE in bugzilla.

[sengo]

Quote:

Originally Posted by Rich Graves

You might not need to do any config file hacking. You can add milters and RBLs with zmlocalcomfig/zmprov. See the release notes. Extra spamassassin rules can be placed in /opt/zimbra/conf/sppamassassin/local-extra.cf. Additional (as opposed to modified) spamassassin .cf files will survive upgrades.

If you must hack, any unsupported changes to postfix and amavisd config files will be lost at daemon restart. Changes to the .in files might last until the next upgrade, but you're better off stating here SPECIFICALLY what customizations you'd like to make, so that we can suggest a more supported way, talk you out of it, or file an RFE in bugzilla.

Well, I dropped amavis years ago for the way it runs: post-queue.
Doing AV/SPAM scanning post queue leads to:
1) backscatter
2) blackholing mail

So I replaced it with milters: clamav-milter, spamass-milter and spf-milter.
They all run in prequeue, so the bad stuff is stopped during smtp transaction.

Is there any way to get this done with Zimbra?

Thanks

[Rich Graves]

Milter support was added in 5.0.7. I don't use this myself -- I still have sendmail+milters sitting in front of zimbra in part for this reason.

Bug 27725 – Create LDAP attribute for Postfix Milter to rewrite main.cf

zmprov ms mail.example.com zimbraMtaSmtpdMilters "(milter spec)"

zmmtactl restart

I don't know the format of (milter spec) but it shouldn't be hard to figure out.

[sengo]

Quote:

Originally Posted by Rich Graves

Milter support was added in 5.0.7. I don't use this myself -- I still have sendmail+milters sitting in front of zimbra in part for this reason.

Bug 27725 – Create LDAP attribute for Postfix Milter to rewrite main.cf

zmprov ms mail.example.com zimbraMtaSmtpdMilters "(milter spec)"

zmmtactl restart

I don't know the format of (milter spec) but it shouldn't be hard to figure out.

Thanks for the info, I'll give it a try this days (not a priority ATM)

Cristian