Results 1 to 5 of 5

Thread: rbl config question

  1. #1
    scottnelson is offline Special Member
    Join Date
    Jun 2006
    Location
    Washington DC
    Posts
    124
    Rep Power
    9

    Default rbl config question

    Which module actually does the rbl processing?

    I have entered the
    zmprov mcf zimbraMtaRestriction "reject_rbl_client bl.spamcop.net"

    command, but doesn't seem to stick for some reason.
    When I do a: zmprov gacf | grep zimbraMtaRestriction
    right after I add it, it comes up but after while, nothing appears.
    Like I cleared it out somehow.
    Would a Admin Console GUI change clear RBL's out?

    Also, I need to whiltelist the RBL's by IP Address, which one of these files would the whilelist need to go in:

    /opt/zimbra/conf/salocal.cf
    /opt/zimbra/conf/salocal.cf.in
    /opt/zimbra/conf/amavisd.conf
    /opt/zimbra/conf/amavisd.conf.in
    /opt/zimbra/conf/spamassassin/local.cf

    ??

    Also, what's the difference between the ".in" files and files without the ".in" extension ?


    Searching for whilelist stuff doesn't really turn up anything on zimbra forums search that relates to what I need.

    Thanks in advance. :-)

    Scotty

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,505
    Rep Power
    57

    Default

    Welcome to the forums.

    You can use whitelist rules using rules_du_jour form link or create your own, have a look at this page.

    The zmprov command for changing the RBL list should persist, what circumstances seem to make it change?

    The .in files are the default configuration files for Zimbra it uses them to create the 'normal' files on a restart. You can modify the .in files but they will be overwritten on a Zimbra upgrade.
    Last edited by phoenix; 10-06-2006 at 06:45 AM.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    scottnelson is offline Special Member
    Join Date
    Jun 2006
    Location
    Washington DC
    Posts
    124
    Rep Power
    9

    Default

    Thanks for the info on the ".in" stuff .
    Makes sense.

    I am not sure what causes the rbl's to not show up when I run the:
    'zmprov gacf | grep zimbraMtaRestriction' command to check for what rbl's are being used. More than likely it's something I did but don't know what really. I suspect that when I do some global config change via the gui, it wacks it. <shrug>

    So zimbra is OK with me mucking around in the:
    /opt/zimbra/conf/spamassassin directory?
    There are /conf directories everywhere so I just want to make sure that:
    1. I am making the changes to the right config files
    2. I don't hose something up that zimbra modifies or needs to modify which then overwrites what I just changed or worse, some feature stops working
    Just wasn't sure if zimbra had it's own conf stuff for to configure spamassassin or spamassassin used the stuff in the /opt/zimbra/conf/spamassassin directory.

    I have seen the"rules_du_hour" reference come up a couple of times but not quite ready to try that yet, though it looks real easy to setup.
    Looking at some of the whitelist stuff, saw some stuff I wouldn't want to whitelist so would have to go over the rules before I made the jump.


    Thanks again. :-)

    Scotty

  4. #4
    scottnelson is offline Special Member
    Join Date
    Jun 2006
    Location
    Washington DC
    Posts
    124
    Rep Power
    9

    Default

    Figured out what is wiping out the RBL list from what I enter via the:
    zmprov mcf zimbraMtaRestriction "reject_rbl_client bl.spamcop.net"
    command.

    I made a change in the GUI, via "Global Settings", "Anti-Virus" tab and changed from 2 hours to 5 hours and then did the 'zmprov gacf | grep zimbraMtaRestriction' command and Viola! No RBL's.
    LDAP magic I suppose. ;-)

    Don't see this as a show stopper or anything. Don't plan on making many "Global Settings" changes anyway.

    More FYI than anything else. :-)

    I'll submit this to Zimbra just so they know and all.

    Scotty

  5. #5
    pacsteel is offline Active Member
    Join Date
    Oct 2006
    Location
    Montana
    Posts
    38
    Rep Power
    8

    Default

    Just for information, in case anybody else --like me-- runs into this issue, it is bug 8146, fixed as of 2008-02-21 (which probably puts it in version 5.03).

    However, if you can't upgrade for some reason -- again like me-- here is a work-around that makes it persistant so you don't have to opening up a console and running zmprov to reset the settings all the time.

    Edit the file /opt/zimbra/conf/postfix_recipient_restrictions.cf

    and change (don't comment it out, actually change it) each line that has an RBL you want to use. For example, from this:
    Code:
    %%contains VAR:zimbraMtaRestriction reject_rbl_client cbl.abuseat.org%%
    to this:
    Code:
    reject_rbl_client cbl.abuseat.org
    Reload your postfix settings, by making a change in the GUI, via "Global Settings", "Anti-Virus" tab and changing from 2 hours to 5 hours for example, or zmcontrol stop & start.

    The 'zmprov gcf zimbraMtaRestriction' command will not show it taking effect, but if you watch the appropriate log you should see it start rejecting messages. 'tail -f /var/log/zimbra.log | grep NOQUEUE' works on my version, other versions may log it to different places.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Zimbra Install Problem - getDirectContext
    By bsimzer in forum Installation
    Replies: 27
    Last Post: 07-19-2007, 10:12 AM
  2. Replies: 13
    Last Post: 05-15-2007, 06:41 AM
  3. Replies: 9
    Last Post: 04-14-2007, 08:31 AM
  4. Zimbra not listening on port 7071
    By carllerche in forum Installation
    Replies: 10
    Last Post: 04-03-2007, 09:23 PM
  5. M2 -> M3 upgrade
    By gutzeit in forum Installation
    Replies: 26
    Last Post: 01-12-2006, 10:46 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •