[SOLVED] Blocking client hosts: am I doing it right?

[samkrieg]

Hi,

I'm using Zimbra Network Edition v. 6.
I'm fairly new to Zimbra and not familiar with Postfix.

I'm suffering of vilains trying to send emails to my users. I want to block their IP/hostname serverwide.

I want to create a file containing blacklisted hosts. Here's how I think I should do, I need someone to tell me if I'm doing it right or wrong:

Code:

$ su - zimbra

1. Check current config on client restrictions:

Code:

$ zmlocalconfig postfix_smtpd_client_restrictions
postfix_smtpd_client_restrictions = reject_unauth_pipelining

2. Add my file to the client restrictions

Code:

$ zmlocalconfig -e postfix_smtpd_client_restrictions="reject_unauth_pipelining hash:/opt/zimbra/postfix/conf/client_access"

3. Add the abusing hosts (example hosts here, but you know what I'm talking about)

Code:

$ echo "1.2.3.4 REJECT"          >> /opt/zimbra/postfix/conf/client_access
$ echo "79.99.34.0/24 REJECT"    >> /opt/zimbra/postfix/conf/client_access
$ echo "enlarge-your-p3nis.com REJECT"   >> /opt/zimbra/postfix/conf/client_access/conf/client_access

4. Do the postmap stuff

Code:

postmap /opt/zimbra/postfix/conf/client_access

5. Restart Zimbra

Code:

zmmtactl stop && zmmtactl start

6. Coffee

Questions:

* Using zmlocalconfig, am I doing the proper way with Zimbra?
* Using hash:/some/file, am I doing the proper way with Postfix?
* Does Postfix understand CIDR notation in the file?
* Will my work be overwritten on next update?
* Do I really need to restart Zimbra?

Many thanks for your help.
Sam

[samkrieg]

Yes, this works and this looks like the propert way to do it.