Just ran across an issue after updating a while back to 5.0.18 involving my
Distributions lists and Postfix restrictions I had set up where I could now send from external. Ok, so I remove the files I had originally setup - which were still there - in my /opt/zimbra/postfix/conf/ directory:
permitted_senders
permitted_senders.db
protected_recipients
protected_recipients.db
update_protected_recipients
and go thru the 'RestrictPostfixRecipients' wiki doc
and follow steps to the letter (Just like I did in 5.0.6) including adding in my main.cf the
'permitted_senders_list ='
(which was still listed there but was named as 'permitter_senders_list =' (?))
Restated postfix and I even restarted Zimbra with no result for blocking external e-mail to my Distribution lists I had defined in protected_recipients file. I know it probably is something very simple I missed buy not able to find. Even went trough process twice with same results.
My Version: Code:
Release 5.0.18_GA_3011.openSUSE_10.2_20090709094925 openSUSE_10.2 FOSS edition
My Settings:
postfix_recipient_restrictions.cf
Code:
check_recipient_access hash:/opt/zimbra/postfix/conf/protected_recipients
permitted_senders
Code:
localhost OK
mydomainxxx.com OK
zimbra.mydomainxxx.com OK
protected_recipients
Code:
sub_beth_staff@zimbra.mydomainxxx.com permitted_senders_list
bhmsd_staff@zimbra.mydomainxxx.com permitted_senders_list
hamilton_staff@zimbra.mydomainxxx.com permitted_senders_list
manchester_staff@zimbra.mydomainxxx.com permitted_senders_list
nacs_staff@zimbra.mydomainxxx.com permitted_senders_list
r8officestaff@zimbra.mydomainxxx.com permitted_senders_list
esctechs@zimbra.mydomainxxx.com permitted_senders_list
createtest@zimbra.mydomainxxx.com permitted_senders_list
superadmin@zimbra.mydomainxxx.com permitted_senders_list
test@zimbra.mydomainxxx.com permitted_senders_list
My main.cf:
Code:
sender_canonical_maps = proxy:ldap:/opt/zimbra/conf/ldap-scm.cf
virtual_alias_domains = proxy:ldap:/opt/zimbra/conf/ldap-vad.cf
lmtp_connection_cache_time_limit = 4s
recipient_delimiter =
smtpd_tls_cert_file = /opt/zimbra/conf/smtpd.crt
smtpd_tls_auth_only = yes
myhostname = zimbra.mydomainxxx.com
virtual_mailbox_domains = proxy:ldap:/opt/zimbra/conf/ldap-vmd.cf
mydestination = localhost
mailbox_size_limit = 0
setgid_group = postdrop
smtpd_client_restrictions = reject_unauth_pipelining
queue_run_delay = 300s
minimal_backoff_time = 300s
virtual_alias_maps = proxy:ldap:/opt/zimbra/conf/ldap-vam.cf
transport_maps = proxy:ldap:/opt/zimbra/conf/ldap-transport.cf
message_size_limit = 20480000
sendmail_path = /opt/zimbra/postfix/sbin/sendmail
broken_sasl_auth_clients = yes
lmtp_connection_cache_destinations =
alias_maps = hash:/etc/aliases
manpage_directory = /opt/zimbra/postfix/man
smtpd_helo_required = yes
in_flow_delay = 1s
daemon_directory = /opt/zimbra/postfix/libexec
maximal_backoff_time = 4000s
virtual_transport = error
mynetworks = 127.0.0.0/8 192.168.1.0/24 165.134.176.0/24 165.134.177.0/24 75.207.0.0/16 75.203.0.0/16 75.204.0.0/16 75.205.0.0/16 75.206.0.0/16 70.224.0.0/16 168.102.0.0/24
smtpd_recipient_restrictions = reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_sender, reject_rbl_client b.barracudacentral.org, reject_rbl_client zen.spamhaus.org, permit
smtpd_tls_loglevel = 1
relayhost =
disable_dns_lookups = no
mail_owner = postfix
virtual_mailbox_maps = proxy:ldap:/opt/zimbra/conf/ldap-vmm.cf
content_filter = smtp-amavis:[127.0.0.1]:10024
version = 2.4.7.5z
mailq_path = /opt/zimbra/postfix/sbin/mailq
header_checks = pcre:/opt/zimbra/conf/postfix_header_checks
smtpd_use_tls = yes
queue_directory = /opt/zimbra/data/postfix/spool
newaliases_path = /opt/zimbra/postfix/sbin/newaliases
smtpd_reject_unlisted_recipient = no
smtpd_data_restrictions = reject_unauth_pipelining
local_header_rewrite_clients = permit_mynetworks,permit_sasl_authenticated
smtpd_tls_key_file = /opt/zimbra/conf/smtpd.key
command_directory = /opt/zimbra/postfix/sbin
smtpd_sasl_auth_enable = yes
permitted_senders_list = check_sender_access hash:/opt/zimbra/postfix/conf/permitted_senders, reject smtpd_restriction_classes = permitted_senders_list
sender_bcc_maps = hash:/opt/zimbra/postfix/conf/sender_bcc
policy_time_limit = 3600
lmtp_host_lookup = dns
Note: Long story about 'mynetworks'-Basically person in office with a Verizon Smartphone and getting POP3 access to that darn thing......
My Steps: Code:
zimbra:~ # su zimbra
zimbra@zimbra:/root> /opt/zimbra/postfix/conf/update_protected_recipients
rebulid permitted_senders file...
rebulid protected_recipients file...
zimbra@zimbra:/root> postfix reload
postfix/postfix-script: refreshing the Postfix mail system
zimbra@zimbra:/root>
Zmcontrol restart (stop/start) here also.....
My mail log:
Code:
Oct 1 11:41:22 zimbra postfix/smtpd[32609]: connect from localhost[127.0.0.1]
Oct 1 11:41:22 zimbra postfix/smtpd[32609]: 02C9F2EC07E: client=localhost[127.0.0.1]
Oct 1 11:41:22 zimbra postfix/cleanup[32586]: 02C9F2EC07E: message-id=<954191.14733.qm@web56507.mail.re3.yahoo.com>
Oct 1 11:41:22 zimbra postfix/qmgr[31359]: 02C9F2EC07E: from=<xxxxxxxx@yahoo.com>, size=52626, nrcpt=2 (queue active)
Oct 1 11:41:22 zimbra postfix/smtpd[32609]: disconnect from localhost[127.0.0.1]
Oct 1 11:41:22 zimbra postfix/smtpd[32609]: connect from localhost[127.0.0.1]
Oct 1 11:41:22 zimbra postfix/smtpd[32609]: 371162EC07F: client=localhost[127.0.0.1]
Oct 1 11:41:22 zimbra postfix/cleanup[32586]: 371162EC07F: message-id=<954191.14733.qm@web56507.mail.re3.yahoo.com>
Oct 1 11:41:22 zimbra postfix/qmgr[31359]: 371162EC07F: from=<xxxxxxxxx@yahoo.com>, size=52826, nrcpt=2 (queue active)
Oct 1 11:41:22 zimbra postfix/smtpd[32609]: disconnect from localhost[127.0.0.1]
Oct 1 11:41:22 zimbra postfix/smtp[32587]: 86A192EC072: to=<xxxxxxxxx@gmail.com>, orig_to=<test@zimbra.mydomainxxx.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=7, delays=0.73/0/0.01/6.2, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 02C9F2EC07E)
Oct 1 11:41:22 zimbra postfix/smtp[32587]: 86A192EC072: to=<xxxxxxxxx@yahoo.com>, orig_to=<test@zimbra.mydomainxxx.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=7, delays=0.73/0/0.01/6.2, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 02C9F2EC07E)
Oct 1 11:41:22 zimbra postfix/smtp[32587]: 86A192EC072: to=<archive@zimbra.mydomainxxx.com>, orig_to=<test@zimbra.mydomainxxx.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=7, delays=0.73/0/0.01/6.2, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 02C9F2EC07E)
Oct 1 11:41:22 zimbra postfix/smtp[32587]: 86A192EC072: to=<jhumphrey@zimbra.mydomainxxx.com>, orig_to=<test@zimbra.mydomainxxx.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=7, delays=0.73/0/0.01/6.2, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 02C9F2EC07E)
Oct 1 11:41:22 zimbra postfix/qmgr[31359]: 86A192EC072: removed
Oct 1 11:41:23 zimbra postfix/smtp[1115]: 02C9F2EC07E: to=<xxxxxxxxx@yahoo.com>, relay=b.mx.mail.yahoo.com[66.196.82.7]:25, delay=1.1, delays=0.21/0.05/0.13/0.76, dsn=2.0.0, status=sent (250 ok dirdel)
Oct 1 11:41:23 zimbra postfix/lmtp[32611]: 371162EC07F: to=<archive@zimbra.mydomainxxx.com>, relay=zimbra.mydomainxxx.com[192.168.1.171]:7025, delay=1.7, delays=0.19/0.02/0/1.5, dsn=2.1.5, status=sent (250 2.1.5 OK)
Oct 1 11:41:23 zimbra postfix/lmtp[32611]: 371162EC07F: to=<jhumphrey@zimbra.mydomainxxx.com>, relay=zimbra.mydomainxxx.com[192.168.1.171]:7025, delay=1.7, delays=0.19/0.02/0/1.5, dsn=2.1.5, status=sent (250 2.1.5 OK)
Oct 1 11:41:23 zimbra postfix/qmgr[31359]: 371162EC07F: removed
Oct 1 11:41:25 zimbra postfix/smtp[1114]: 02C9F2EC07E: to=<xxxxxxxxx@gmail.com>, relay=gmail-smtp-in.l.google.com[209.85.221.76]:25, delay=3.2, delays=0.21/0.03/0.48/2.5, dsn=2.0.0, status=sent (250 2.0.0 OK 1254411685 8si477725qyk.22
What the heck am I missing here? Any assistance greatly appreciated! :->
Bugzilla
Wiki
Source
RestrictPostFixRecipients Issue... 
Linear Mode
