In zimbra mailserver you can restrict/allow user to send mail with local user using smtpd_sender_restrictions.
Here is steps of this setup follow the below article
Login to Zimbra User
# su – zimbra
$ cd /opt/zimbra/conf
[zimbra@mail conf]$ echo "user@example.com restrict_tpmail" > tpmail_senders
$cat tpmail_senders
user@example.com restrict_tpmail
Update file
[zimbra@mail conf]$ postmap tpmail_senders
Note: You can add users in this file tpmail_senders who you want to restrict and update.
[zimbra@mail conf]$ cd /opt/zimbra/conf
Find/Get Available domain name
[zimbra@mail conf]$ zmprov -l gad
example.com
[zimbra@mail conf]$ echo "example.com OK" > tpmail_recipients
Update file
[zimbra@mail conf]$ postmap tpmail_recipients
[zimbra@mail conf]$ cat tpmail_recipients
example.com OK
Note : You can allow more than one domains (xyz.com) in this file tpmail_recipients
Add higlighted/Bold line in file smtpd_sender_restrictions
[zimbra@mail conf]$ vim /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf
%%exact VAR:zimbraMtaSmtpdSenderRestrictions reject_authenticated_sender_login_mismatch%%
%%contains VAR:zimbraServiceEnabled cbpolicyd^ check_policy_service inet:localhost:%%zimbraCBPolicydBindPort%%%%
%%contains VAR:zimbraServiceEnabled amavis^ check_sender_access regexp:/opt/zimbra/postfix/conf/tag_as_originating.re%%
check_sender_access texthash:/opt/zimbra/conf/tpmail_senders
permit_mynetworks, reject_sender_login_mismatch
permit_sasl_authenticated
permit_tls_clientcerts
%%contains VAR:zimbraServiceEnabled amavis^ check_sender_access regexp:/opt/zimbra/postfix/conf/tag_as_foreign.re%%
Go to the Postfix config file and add below parameter
[zimbra@mail conf]$ vim /opt/zimbra/postfix/conf/main.cf
smtpd_restriction_classes = restrict_tpmail
restrict_tpmail = check_recipient_access texthash:/opt/zimbra/conf/tpmail_recipients, reject
Restart service
[zimbra@mail conf]$ zmmtactl restart
[zimbra@mail conf]$ postfix reload
Note: this document is tested in Zimbra 8.5, 8.6, 8.7
Here is steps of this setup follow the below article
Login to Zimbra User
# su – zimbra
$ cd /opt/zimbra/conf
[zimbra@mail conf]$ echo "user@example.com restrict_tpmail" > tpmail_senders
$cat tpmail_senders
user@example.com restrict_tpmail
Update file
[zimbra@mail conf]$ postmap tpmail_senders
Note: You can add users in this file tpmail_senders who you want to restrict and update.
[zimbra@mail conf]$ cd /opt/zimbra/conf
Find/Get Available domain name
[zimbra@mail conf]$ zmprov -l gad
example.com
[zimbra@mail conf]$ echo "example.com OK" > tpmail_recipients
Update file
[zimbra@mail conf]$ postmap tpmail_recipients
[zimbra@mail conf]$ cat tpmail_recipients
example.com OK
Note : You can allow more than one domains (xyz.com) in this file tpmail_recipients
Add higlighted/Bold line in file smtpd_sender_restrictions
[zimbra@mail conf]$ vim /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf
%%exact VAR:zimbraMtaSmtpdSenderRestrictions reject_authenticated_sender_login_mismatch%%
%%contains VAR:zimbraServiceEnabled cbpolicyd^ check_policy_service inet:localhost:%%zimbraCBPolicydBindPort%%%%
%%contains VAR:zimbraServiceEnabled amavis^ check_sender_access regexp:/opt/zimbra/postfix/conf/tag_as_originating.re%%
check_sender_access texthash:/opt/zimbra/conf/tpmail_senders
permit_mynetworks, reject_sender_login_mismatch
permit_sasl_authenticated
permit_tls_clientcerts
%%contains VAR:zimbraServiceEnabled amavis^ check_sender_access regexp:/opt/zimbra/postfix/conf/tag_as_foreign.re%%
Go to the Postfix config file and add below parameter
[zimbra@mail conf]$ vim /opt/zimbra/postfix/conf/main.cf
smtpd_restriction_classes = restrict_tpmail
restrict_tpmail = check_recipient_access texthash:/opt/zimbra/conf/tpmail_recipients, reject
Restart service
[zimbra@mail conf]$ zmmtactl restart
[zimbra@mail conf]$ postfix reload
Note: this document is tested in Zimbra 8.5, 8.6, 8.7
Thanks for sharing,get an affordable spma filter service at sixthstar technologies.
ReplyDelete