Page 1 of 2 12 LastLast
Results 1 to 10 of 14

Thread: Cbpolicyd not greylisting

  1. #1
    plastilin is offline Active Member
    Join Date
    Jan 2010
    Posts
    43
    Rep Power
    5

    Default Cbpolicyd not greylisting

    Hello, setup cbpolicyd, but it not work. If i sent mail message from another server, policyd not reject it with error 450... It logged and sent mail to mailbox... How start graylisting?

    Module is on:

    Code:
    # Server configuration
    #
    [server]
    
    # Protocols to load
    protocols=<<EOT
    Postfix
    Bizanga
    EOT
    
    # Modules to load
    modules=<<EOT
    Core
    AccessControl
    Accounting
    Amavis
    CheckHelo
    CheckSPF
    Greylisting
    Quotas
    EOT
    
    # User to run this daemon as
    user=zimbra
    group=zimbra
    
    # Filename to store pid of parent process
    pid_file=/opt/zimbra/log/cbpolicyd.pid
    
    # Cache file
    cache_file=/opt/zimbra/data/cache
    
    # Uncommenting the below option will prevent cbpolicyd going into the background
    background=yes
    
    # Preforking configuration
    #
    # min_server		- Minimum servers to keep around
    # min_spare_servers	- Minimum spare servers to keep around ready to 
    # 			  handle requests
    # max_spare_servers	- Maximum spare servers to have around doing nothing
    # max_servers		- Maximum servers alltogether
    # max_requests		- Maximum number of requests each child will serve
    #
    # One may want to use the following as a rough guideline...
    # Small mailserver:  2, 2, 4, 10, 1000
    # Medium mailserver: 4, 4, 12, 25, 1000
    # Large mailserver: 8, 8, 16, 64, 1000
    #
    #min_servers=4
    #min_spare_servers=4
    #max_spare_servers=12
    #max_servers=25
    #max_requests=1000
    
    # Log level:
    # 0 - Errors only
    # 1 - Warnings and errors
    # 2 - Notices, warnings, errors
    # 3 - Info, notices, warnings, errors
    # 4 - Debugging 
    log_level=4
    
    # File to log to instead of stdout
    log_file=/opt/zimbra/log/cbpolicyd.log
    
    # Log destination for mail logs...
    # main		- Default. Log to policyd's main log mechanism, accepts NO args
    # syslog	- log mail via syslog
    #			format: log_mail=facility@method,args
    #
    # Valid methods for syslog:
    # native	- Let Sys::Syslog decide
    # unix		- Unix socket
    # udp		- UDP socket
    # stream	- Stream (for Solaris)
    #
    # Example: unix native
    #log_mail=mail@syslog:native
    #
    # Example: unix socket 
    #log_mail=mail@syslog:unix
    #
    # Example: udp
    #log_mail=mail@syslog:udp,127.0.0.1
    #
    # Example: Solaris 
    #log_mail=local0@syslog:stream,/dev/log
    log_mail=main
    
    # Things to log in extreme detail
    # modules 	- Log detailed module running information
    # tracking 	- Log detailed tracking information
    # policies 	- Log policy resolution
    # protocols 	- Log general protocol info, but detailed
    # bizanga 	- Log the bizanga protocol
    # cache		- Log cache usage on client shutdown
    #
    # There is no default for this configuration option. Options can be
    # separated by commas. ie. protocols,modules
    #
    log_detail=modules,tracking,policies
    
    # Protocol to use "tcp" or "unix", defaults to "tcp"
    #proto=tcp
    
    # IP to listen on, * for all. Blank for unix sockets
    host=localhost
    
    # Port to run on, in the case of a unix socket it would be the path
    # eg. 10031
    # eg. /var/run/cbpolicyd/policyd.sock
    port=10031
    
    # Timeout in communication with clients
    # Idle timeout in postfix defaults to 1015s (active connection)
    timeout_idle=1020
    # Busy sockets in postfix defaults to 100s
    timeout_busy=120
    
    # cidr_allow/cidr_deny
    # Comma, whitespace or semi-colon separated. Contains a CIDR block to 
    # compare the clients IP to.  If cidr_allow or cidr_deny options are 
    # given, the incoming client must match a cidr_allow and not match a 
    # cidr_deny or the client connection will be closed.
    #cidr_allow=0.0.0.0/0
    #cidr_deny=
    
    
    
    [database]
    #DSN=DBI:SQLite:dbname=policyd.sqlite
    DSN=DBI:SQLite:dbname=/opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb
    #Username=root
    #Password=
    #
    
    # What do we do when we have a database connection problem
    # tempfail	- Return temporary failure
    # pass		- Return success
    bypass_mode=tempfail
    
    # How many seconds before we retry a DB connection
    bypass_timeout=30
    
    # Table prefix to use, be sure to generate the schema with the table 
    # prefix aswell!
    #table_prefix=
    
    
    # Access Control module
    [AccessControl]
    enable=0
    
    
    # Accounting module
    [Accounting]
    enable=0
    
    
    # Amavis module
    [Amavis]
    enable=0 # Disabled by default
    
    
    # CheckHelo module
    [CheckHelo]
    enable=0
    
    
    # CheckSPF module
    [CheckSPF]
    enable=0
    
    
    # Greylisting module
    [Greylisting]
    enable=1
    training_mode=0
    defer_message=Greylisting in effect, please come back later
    blacklist_message=Greylisting in effect, sending server blacklisted
    
    
    # Quotas module
    [Quotas]
    enable=1
    In main.conf

    Code:
    smtpd_recipient_restrictions = check_policy_service inet:localhost:10031, reject_non_fqdn_recipient, permit_mynetworks, reject_unlisted_recipient, permit
    
    smtpd_end_of_data_restrictions = check_policy_service inet:localhost:10031
    Why it not greylist new messages?

  2. #2
    plastilin is offline Active Member
    Join Date
    Jan 2010
    Posts
    43
    Rep Power
    5

    Default

    Zimbra is dead project?

  3. #3
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,485
    Rep Power
    56

    Default

    Quote Originally Posted by plastilin View Post
    Hello, setup cbpolicyd, but it not work.
    Which instructions did you follow this or this?

    Quote Originally Posted by plastilin View Post
    Zimbra is dead project?
    Probably but you could always do your own research in the forums, the wiki or even the project pages for cbpolicyd.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  4. #4
    plastilin is offline Active Member
    Join Date
    Jan 2010
    Posts
    43
    Rep Power
    5

    Default

    Hello. I use this Postfix Policyd - Zimbra :: Wiki for policyd setup.

  5. #5
    quanah is online now Zimbra Employee
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,265
    Rep Power
    10

    Default

    Zimbra version?
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

  6. #6
    plastilin is offline Active Member
    Join Date
    Jan 2010
    Posts
    43
    Rep Power
    5

    Default

    Release 8.0.4.GA.5737.UBUNTU12.64 UBUNTU12_64 FOSS edition.

    In configs:

    Code:
    zimbra@bravo:~/libexec$ zmlocalconfig | grep policyd
    cbpolicyd_bind_port = 10031
    cbpolicyd_bypass_mode = tempfail
    cbpolicyd_bypass_timeout = 30
    cbpolicyd_cache_file = ${zimbra_home}/data/cache
    cbpolicyd_db_file = ${zimbra_home}/data/cbpolicyd/db/cbpolicyd.sqlitedb
    cbpolicyd_log_detail = modules,tracking,policies
    cbpolicyd_log_file = ${zimbra_log_directory}/cbpolicyd.log
    cbpolicyd_log_level = 4
    cbpolicyd_log_mail = main
    cbpolicyd_module_accesscontrol = 1
    cbpolicyd_module_accounting = 0
    cbpolicyd_module_amavis = 0
    cbpolicyd_module_checkhelo = 1
    cbpolicyd_module_checkspf = 1
    cbpolicyd_module_greylisting = 1
    cbpolicyd_module_greylisting_blacklist_msg = Greylisting in effect, sending server blacklisted
    cbpolicyd_module_greylisting_defer_msg = Greylisting in effect, please come back later
    cbpolicyd_module_greylisting_training = 0
    cbpolicyd_module_quotas = 1
    cbpolicyd_pid_file = ${zimbra_log_directory}/cbpolicyd.pid
    cbpolicyd_timeout_busy = 120
    cbpolicyd_timeout_idle = 1020
    postfix_enable_smtpd_policyd = no
    In logs:

    Cbpolicyd

    Code:
    [2013/06/21-11:04:50 - 24105] [TRACKING] DEBUG: Decoded into: $VAR1 = {
              'user@domain.com.ua' => {
                                              '0' => [
                                                       '1'
                                                     ]
                                            }
            };
    [2013/06/21-11:04:50 - 24105] [TRACKING] DEBUG: Request translated into session data: $VAR1 = {
              'SASLUsername' => '',
              'QueueID' => '9D25C653AB',
              'RecipientData' => '/<user@domain.com.ua>#0=1;',
              'EncryptionCipher' => '',
              'Instance' => '761b.51c40922.360f4.0',
              'Size' => '2',
              'EncryptionKeySize' => '0',
              'UnixTimestamp' => 1371801890,
              'ProtocolTransport' => 'Postfix',
              'EncryptionProtocol' => '',
              'Helo' => 'green.domain.ua',
              'ClientAddress' => '195.200.xx.xxx',
              'ClientName' => 'green.domain.ua',
              'Sender' => 'admin@domain.ua',
              'SASLSender' => '',
              '_ClientAddress' => bless( {
                                           'raw_ip' => '195.200.xx.xxx',
                                           'ip' => '195.200.xx.xxx',
                                           'ip_version' => 4,
                                           'cidr' => 32
                                         }, 'awitpt::netip' ),
              'ProtocolState' => 'END-OF-MESSAGE',
              '_Recipient_To_Policy' => {
                                          'user@domain.com.ua' => {
                                                                          '0' => [
                                                                                   '1'
                                                                                 ]
                                                                        }
                                        },
              'Protocol' => 'ESMTP',
              'ClientReverseName' => 'green.domain.ua',
              'SASLMethod' => ''
            };
    [2013/06/21-11:04:50 - 24105] [CBPOLICYD] INFO: Got request #2 (pipelined)
    [2013/06/21-11:04:50 - 24105] [CBPOLICYD] DEBUG: Running module: Access Control Plugin
    [2013/06/21-11:04:50 - 24105] [CBPOLICYD] DEBUG: Module 'Access Control Plugin' returned CBP_SKIP
    [2013/06/21-11:04:50 - 24105] [CBPOLICYD] DEBUG: Running module: HELO/EHLO Check Plugin
    [2013/06/21-11:04:50 - 24105] [CBPOLICYD] DEBUG: Module 'HELO/EHLO Check Plugin' returned CBP_SKIP
    [2013/06/21-11:04:50 - 24105] [CBPOLICYD] DEBUG: Running module: SPF Check Plugin
    [2013/06/21-11:04:50 - 24105] [CBPOLICYD] DEBUG: Module 'SPF Check Plugin' returned CBP_SKIP
    [2013/06/21-11:04:50 - 24105] [CBPOLICYD] DEBUG: Running module: Greylisting Plugin
    [2013/06/21-11:04:50 - 24105] [CBPOLICYD] DEBUG: Module 'Greylisting Plugin' returned CBP_SKIP
    [2013/06/21-11:04:50 - 24105] [CBPOLICYD] DEBUG: Running module: Quotas Plugin
    [2013/06/21-11:04:50 - 24105] [CBPOLICYD] DEBUG: Module 'Quotas Plugin' returned CBP_CONTINUE
    [2013/06/21-11:04:50 - 24105] [CBPOLICYD] DEBUG: Running module: Accounting Plugin
    [2013/06/21-11:04:50 - 24105] [CBPOLICYD] DEBUG: Module 'Accounting Plugin' returned CBP_SKIP
    [2013/06/21-11:04:50 - 24105] [CBPOLICYD] DEBUG: Done with modules
    In Remote Mail Server

    Code:
    Jun 21 11:04:44 green postfix/smtpd[18985]: connect from green.domain.ua[192.168.xx.x]
    Jun 21 11:04:44 green postfix/smtpd[18985]: NOQUEUE: filter: RCPT from green.domain.ua[192.168.xx.x]: <admin@domain.ua>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=<admin@domain.ua> to=<user@domain.com.ua> proto=ESMTP helo=<green.domain.ua>
    Jun 21 11:04:44 green postfix/smtpd[18985]: B3532A0022: client=green.domain.ua[192.168.xx.x]
    Jun 21 11:04:44 green postfix/cleanup[18989]: B3532A0022: message-id=<1040269249.25129.1371801884644.JavaMail.root@domain.ua>
    Jun 21 11:04:44 green postfix/qmgr[17881]: B3532A0022: from=<admin@domain.ua>, size=687, nrcpt=2 (queue active)
    Jun 21 11:04:44 green postfix/smtpd[18985]: disconnect from green.domain.ua[192.168.xx.x]
    Jun 21 11:04:50 green postfix/smtpd[18992]: connect from localhost.localdomain[127.0.0.1]
    Jun 21 11:04:50 green postfix/smtpd[18992]: 12B9AA0023: client=localhost.localdomain[127.0.0.1]
    Jun 21 11:04:50 green postfix/cleanup[18989]: 12B9AA0023: message-id=<1040269249.25129.1371801884644.JavaMail.root@domain.ua>
    Jun 21 11:04:50 green postfix/qmgr[17881]: 12B9AA0023: from=<admin@domain.ua>, size=1452, nrcpt=1 (queue active)
    Jun 21 11:04:50 green postfix/smtpd[18992]: disconnect from localhost.localdomain[127.0.0.1]
    Jun 21 11:04:50 green postfix/smtpd[18992]: connect from localhost.localdomain[127.0.0.1]
    Jun 21 11:04:50 green postfix/smtpd[18992]: 19E1AA0024: client=localhost.localdomain[127.0.0.1]
    Jun 21 11:04:50 green postfix/cleanup[18989]: 19E1AA0024: message-id=<1040269249.25129.1371801884644.JavaMail.root@domain.ua>
    Jun 21 11:04:50 green postfix/smtpd[18992]: disconnect from localhost.localdomain[127.0.0.1]
    Jun 21 11:04:50 green postfix/qmgr[17881]: 19E1AA0024: from=<admin@domain.ua>, size=1067, nrcpt=1 (queue active)
    Jun 21 11:04:50 green postfix/smtp[18990]: B3532A0022: to=<user@domain.com.ua>, relay=127.0.0.1[127.0.0.1]:10026, delay=5.4, delays=0.05/0.01/0/5.3, dsn=2.0.0, status=sent (250 2.0.0 from MTA(smtp:[127.0.0.1]:10025): 250 2.0.0 Ok: queued as 12B9AA0023)
    Jun 21 11:04:50 green postfix/qmgr[17881]: B3532A0022: removed
    Jun 21 11:04:50 green postfix/smtp[18995]: 19E1AA0024: to=<user@domain.com.ua>, relay=bravo.domain.com.ua[193.26.xxx.x]:25, delay=0.65, delays=0.02/0.01/0.09/0.53, dsn=2.0.0, status=sent (250 2.0.0 Ok: queued as 9D25C653AB)
    Jun 21 11:04:50 green postfix/qmgr[17881]: 19E1AA0024: removed
    Last edited by plastilin; 06-21-2013 at 01:18 AM.

  7. #7
    plastilin is offline Active Member
    Join Date
    Jan 2010
    Posts
    43
    Rep Power
    5

    Default

    In this Zimbra 8.0.1 Policyd i see that must be

    Code:
    zmlocalconfig -e postfix_enable_smtpd_policyd=yes
    Now it in configs

    Code:
    postfix_enable_smtpd_policyd=no
    You an see at top... I activate it but situation not change, server not grelisting incoming e-mails...

  8. #8
    plastilin is offline Active Member
    Join Date
    Jan 2010
    Posts
    43
    Rep Power
    5

    Default

    It, work but not in the box.

    1. Set up with this Postfix Policyd - Zimbra :: Wiki by zimbra user

    2. Enable service and restart cbpolicyd by zimbra user

    Code:
    zmlocalconfig -e postfix_enable_smtpd_policyd=yes
    zmcbpolicydctl restart
    2. Enable Cbpolicyd Web Interface by root user

    Code:
    nano /opt/zimbra/cbpolicyd-2.0.10/share/webui/includes/config.php
    3. Comment old database and add new database by root user

    Code:
    $DB_DSN="sqlite:/opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb";
    4. Create symlink for WebUI by root user

    Code:
    cd /opt/zimbra/httpd/htdocs/ && ln -s ../../cbpolicyd/share/webui
    5. Restart Apache by zimbra user

    zmapachectl restart

    Now go to http://<fqdn_your_mail_server>:7780/webui/index.php and setup new greylisting policy.

    My default greylisting policy is:

    Снимок экрана 2013-06-22.png

    After configure, delete symlink and restart Apache

  9. #9
    quanah is online now Zimbra Employee
    Join Date
    May 2007
    Location
    Zimbra
    Posts
    1,265
    Rep Power
    10

    Default

    or do it via the command line, as documented.
    Quanah Gibson-Mount
    Server Architect
    Zimbra, Inc
    --------------------
    Zimbra :: the leader in open source messaging and collaboration

  10. #10
    plastilin is offline Active Member
    Join Date
    Jan 2010
    Posts
    43
    Rep Power
    5

    Default

    How? Example please...

Page 1 of 2 12 LastLast

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Problems with Greylisting: mails gets rejected
    By maxxer in forum Administrators
    Replies: 8
    Last Post: 12-16-2012, 09:02 PM
  2. Greylisting and a new approach ?
    By uxbod in forum Administrators
    Replies: 2
    Last Post: 11-23-2009, 12:14 AM
  3. Recent spam increase & greylisting
    By grunty in forum Administrators
    Replies: 0
    Last Post: 04-18-2008, 02:37 AM
  4. Upgrade to 5.02 and greylisting question.
    By Miklos Kalman in forum Administrators
    Replies: 4
    Last Post: 02-11-2008, 11:56 AM
  5. greylisting / trying to edit main.cf
    By vitrum in forum Administrators
    Replies: 2
    Last Post: 01-15-2006, 10:00 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •