Zimbra

sandeep.singh · #1 (**permalink**) 09-04-2009, 09:33 AM

hi all,

recently i join an org. where we are using zimbra 5.0 for internal mailing service....
i want to set the access permission for my distribution list like (all@mydomain.com) for few of my user only not for all who are in the list or not, i had strictly followed all steps from RestrictPostfixRecipients - Zimbra :: Wiki, at the last i reload my postfix... but still the user whois in the DL list are able to access and send the mail across...

i need to do it quickly ASAp i can..

..

will wait for you help.

sandeep singh

uxbod · #2 (**permalink**) 09-04-2009, 09:50 AM

Welcome to the forums

If you have restarted ZCS then /opt/zimbra/postfix/conf/main.cf will have been over-written. You need to make the changes to /opt/zimbra/conf/zmmta.cf and then restart ZCS.

sandeep.singh · #3 (**permalink**) 09-04-2009, 09:56 AM

thnks for ur quick rply..

how do i start ZCS and what changes required in opt/zimbra/conf/zmmta.cf

sandeep singh

sandeep.singh · #4 (**permalink**) 09-06-2009, 11:30 PM

hey Ubox,

i am waiting for your reply...

sandeep.singh

uxbod · #5 (**permalink**) 09-07-2009, 12:08 AM

Quote:

Originally Posted by sandeep.singh

how do i start ZCS

what do you mean ?

sandeep.singh · #6 (**permalink**) 09-07-2009, 12:16 AM

as you said..

( If you have restarted ZCS then /opt/zimbra/postfix/conf/main.cf will have been over-written. You need to make the changes to /opt/zimbra/conf/zmmta.cf and then restart ZCS )

what all changes i need to do.

uxbod · #7 (**permalink**) 09-07-2009, 12:37 AM

For the time being make the changes to main.cf so that you get your install back up and running.

sandeep.singh · #8 (**permalink**) 09-07-2009, 01:41 AM

it done..

plz check the configuration....

$ vi /opt/zimbra/postfix/conf/permitted_senders

localhost OK
pinelabs.com OK
zimbra.pinelabs.com OK
sandeep.singh@pinelabs.com OK ------> valid user
~

$ vi /opt/zimbra/postfix/conf/protected_recipients

#pine-all@pinelabs.com permitted_senders_list
ithelp@pinelabs.com permitted_senders_list -----> my DL

$ /opt/zimbra/postfix/conf/update_protected_recipients

rebuild permitted_senders...
rebuild protected_recipients....

$ vi /opt/zimbra/conf/postfix_recipient_restrictions.cf

check_recipient_access hash:/opt/zimbra/postfix/conf/protected_recipients
reject_non_fqdn_recipient
permit_sasl_authenticated
permit_mynetworks
reject_unauth_destination
reject_unlisted_recipient
%%contains VAR:zimbraMtaRestriction reject_invalid_hostname%%
%%contains VAR:zimbraMtaRestriction reject_non_fqdn_hostname%%
%%contains VAR:zimbraMtaRestriction reject_non_fqdn_sender%%
%%contains VAR:zimbraMtaRestriction reject_unknown_client%%
%%contains VAR:zimbraMtaRestriction reject_unknown_hostname%%
%%contains VAR:zimbraMtaRestriction reject_unknown_sender_domain%%
%%explode reject_rbl_client VAR:zimbraMtaRestrictionRBLs%%
%%contains VAR:zimbraMtaRestriction check_policy_service unix

rivate/policy%%
permit

$ postfix reload ---> OK

# here is the permission details...
total 288
drwxrwxr-x 2 root postfix 4096 2009-09-07 13:00 .
drwxr-xr-x 6 root root 4096 2009-06-17 22:26 ..
-rw-r--r-- 1 root postfix 17869 2009-04-13 23:54 access
-rw-r--r-- 1 root postfix 8829 2009-04-13 23:54 aliases
-rw-r--r-- 1 root postfix 3548 2009-04-13 23:54 bounce.cf.default
-rw-r--r-- 1 root postfix 11681 2009-04-13 23:54 canonical
-rw-r--r-- 1 root postfix 9904 2009-04-13 23:54 generic
-rw-r--r-- 1 root postfix 17439 2009-04-13 23:54 header_checks
-rw-r--r-- 1 root postfix 11942 2009-04-13 23:54 LICENSE
-rw-r--r-- 1 zimbra zimbra 2311 2009-09-07 13:00 main.cf
-rw-r----- 1 zimbra zimbra 2082 2009-09-04 14:15 main.cf.bkp
-rw-r--r-- 1 root postfix 18426 2009-04-13 23:54 main.cf.default
-rw-r--r-- 1 root postfix 3383 2009-04-13 23:54 makedefs.out
-r--r----- 1 zimbra zimbra 5269 2009-09-07 12:56 master.cf
-rw-r--r-- 1 zimbra zimbra 5363 2009-04-29 18:33 master.cf.in
-rw-r----- 1 root postfix 86 2009-09-04 20:30 permitted_senders
-rw-r----- 1 zimbra zimbra 54 2009-09-04 13:47 permitted_senders.bkp
-rw-r----- 1 zimbra zimbra 12288 2009-09-07 12:55 permitted_senders.db
-rw-r--r-- 1 root postfix 17588 2009-04-13 23:54 postfix-files
-rwxr-xr-x 1 root postfix 6647 2009-04-13 23:54 postfix-script
-rwxr-xr-x 1 root postfix 22197 2009-04-13 23:54 post-install
-rw------- 1 root root 1024 2009-09-07 12:56 prng_exch
-rw-r----- 1 root postfix 91 2009-09-04 20:31 protected_recipients
-rw-r----- 1 zimbra zimbra 45 2009-09-04 13:50 protected_recipients.bkp
-rw-r----- 1 zimbra zimbra 12288 2009-09-07 12:55 protected_recipients.db
-rw-r--r-- 1 root postfix 6816 2009-04-13 23:54 relocated
-rw-r--r-- 1 root postfix 1629 2009-04-13 23:54 TLS_LICENSE
-rw-r--r-- 1 root postfix 12357 2009-04-13 23:54 transport
-rwxr-xr-x 1 root postfix 192 2009-07-30 16:42 update_protected_recipients
-rw-r--r-- 1 root postfix 12494 2009-04-13 23:54 virtual

at the time of modifying... $ vi /opt/zimbra/postfix/conf/main.cf , thr is a NOTE

[add these items to the file - note permitted_senders_list must match value in protected_recipients]
**Note this change to the main.cf won't survive upgrades. Be sure to save a copy of your main.cf file**

wht does below two line says...

**** i had added these two line at the end of the file...**********

permitted_senders_list = check_sender_access hash:/opt/zimbra/postfix/conf/permitted_senders, reject
smtpd_restriction_classes = permitted_senders_list

Zimbra

Downloads

Product Information

Toolbox

Why Join?