Results 1 to 4 of 4

Thread: Trust IP for receiving but not relaying

  1. #1
    gtr33m is offline Loyal Member
    Join Date
    May 2008
    Location
    Melbourne, Australia
    Posts
    96
    Rep Power
    7

    Default Trust IP for receiving but not relaying

    I've got a couple of IPs that I need to receive mail for, but they are blacklisted on several RBL lists which I use and want to keep active.

    I can add them as trusted MTAs, and can receive mail, but I'm a bit reluctanct to do this as I don't want them to be able to relay mail, just send mail without being blocked because of RBL.

    I've done some searching and found the that problem lies with Postfix, and not Spamassasin as it is being rejected completely before being received. Some more searching has lead me to a good solution How To Whitelist Hosts/IP Addresses In Postfix | HowtoForge - Linux Howtos and Tutorials which involves creating a whitelist file and modifying the main.cf file to read the whitelist file.

    Problem is, modifying the main.cf file seems to be not recommended and instead needs to be done with zmprov. What I'd like to do is add something similar to
    Code:
    check_client_access hash:/etc/postfix/rbl_override,
    to smtpd_recipient_restrictions.

    Is this good idea or even supported?
    Mark Hawkins

    Medalist

  2. #2
    phoenix is online now Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,470
    Rep Power
    56

    Default

    Quote Originally Posted by gtr33m View Post
    I can add them as trusted MTAs, and can receive mail, but I'm a bit reluctanct to do this as I don't want them to be able to relay mail, just send mail without being blocked because of RBL.
    Do NOT add them to the Trusted MTA field, that's not what it's for. Search the wiki for 'whitelist' for details on how to whitelist an IP or email address.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

  3. #3
    gmichels is offline Intermediate Member
    Join Date
    Oct 2008
    Location
    Brazil
    Posts
    16
    Rep Power
    6

    Default

    Add to /opt/zimbra/conf/postfix_recipient_restrictions.cf, before the RBL entries:
    Code:
    check_client_access hash:/opt/zimbra/conf/rbl_override
    Edit the file with the IPs you need to whitelist, postmap it and postfix reload as the zimbra user.

    Works for me, but be aware that the postfix_recipient_restrictions.cf file will probably be overwritten on zimbra upgrades, so keep a backup copy.

  4. #4
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    nice hint, did not really know about the RBL override. thanks and kudos

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 32
    Last Post: 03-18-2011, 11:03 AM
  2. zmclamdctl is not running after upgrade
    By Darren in forum Installation
    Replies: 24
    Last Post: 10-10-2008, 09:10 AM
  3. Binding zimbra ldap to a specific ip
    By carnold in forum Administrators
    Replies: 1
    Last Post: 11-08-2007, 01:06 PM
  4. Zimbra Samba PDC with a Trust Relationship to AD
    By kurt.oconnor in forum Administrators
    Replies: 7
    Last Post: 07-30-2007, 09:43 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •