Hello everyone, Zimbra Collaboration includes anti-spam and antivirus technologies such as Postscreen, SpamAssassin, Amavis, ClamAV, etc. But sometimes, for legal reasons, etc., we need to block certain senders or even entire domains from sending unsolicited email.
To do this, we will use the tools that come native to Zimbra Collaboration, and with a few simple commands, we can granularly protect our email users. Here’s how…
Create a file called /opt/zimbra/postfix/conf/postfix_reject_sender with the list of email addresses and domains to be rejected, one entry per line, in the following format:
firstname.lastname@example.org REJECT
domainX.com REJECT
As the zimbra user, add the sender check to zimbraMtaSmtpdSenderRestrictions with zmprov:
zmprov ms 'yourzimbraservername' +zimbraMtaSmtpdSenderRestrictions "check_sender_access lmdb:/opt/zimbra/postfix/conf/postfix_reject_sender"
Then we will need to postmap it:
We can wait around 60 seconds until the Zimbra MTA picks up the changes, or force the changes by restarting the MTA services with:
You will see an output similar to this:
Rewriting configuration files...done.
Stopping saslauthd...done.
Starting saslauthd...done.
/postfix-script: refreshing the Postfix mail system
If one of the blocked users or domains tries to send us an email, you will see something similar to this in zimbra.log (note the error saying “Sender address rejected: Access denied”):
Sep 7 14:19:57 mail postfix/postscreen: CONNECT from [188.8.131.52]:32831 to [184.108.40.206]:25
Sep 7 14:20:01 mail zimbramon: 15143:info: 2017-09-07 14:20:01, QUEUE: 0 0
Sep 7 14:20:03 mail postfix/postscreen: PASS NEW [220.127.116.11]:32831
Sep 7 14:20:03 mail postfix/smtpd: connect from mail-wm0-f45.google.com[18.104.22.168]
Sep 7 14:20:03 mail postfix/smtpd: Anonymous TLS connection established from mail-wm0-f45.google.com[22.214.171.124]: TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)
Sep 7 14:20:03 mail postfix/smtpd: NOQUEUE: filter: RCPT from mail-wm0-f45.google.com[126.96.36.199]: : Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from= to= proto=ESMTP helo=
Sep 7 14:20:03 mail postfix/smtpd: NOQUEUE: reject: RCPT from mail-wm0-f45.google.com[188.8.131.52]: 554 5.7.1 : Sender address rejected: Access denied; from= to= proto=ESMTP helo=
Sep 7 14:20:03 mail postfix/smtpd: disconnect from mail-wm0-f45.google.com[184.108.40.206] ehlo=2 starttls=1 mail=1 rcpt=0/1 data=0/1 quit=1 commands=5/7
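To confirm the block list is doing its job, the rejection lines can be pulled out of zimbra.log and counted per sender domain. The script below is an added example, not part of the original post or of Zimbra; the function names are hypothetical, and the sample log lines (hosts, IPs, recipients) are constructed in the format shown above.

```python
import re
from collections import Counter

# Constructed sample in the style of zimbra.log; hosts, IPs and recipients are made up.
SAMPLE_LOG = """\
Sep  7 14:20:03 mail postfix/smtpd[2101]: connect from mx.example.net[192.0.2.10]
Sep  7 14:20:03 mail postfix/smtpd[2101]: NOQUEUE: reject: RCPT from mx.example.net[192.0.2.10]: 554 5.7.1 <spam@domainX.com>: Sender address rejected: Access denied; from=<spam@domainX.com> to=<user@mail.example.com> proto=ESMTP helo=<mx.example.net>
Sep  7 14:21:10 mail postfix/smtpd[2102]: NOQUEUE: reject: RCPT from out.example.net[198.51.100.7]: 554 5.7.1 <firstname.lastname@example.org>: Sender address rejected: Access denied; from=<firstname.lastname@example.org> to=<user@mail.example.com> proto=ESMTP helo=<out.example.net>
Sep  7 14:22:30 mail postfix/smtpd[2103]: NOQUEUE: reject: RCPT from relay.example.net[203.0.113.5]: 554 5.7.1 <other@example.net>: Relay access denied; from=<a@example.net> to=<other@example.net> proto=ESMTP helo=<relay.example.net>
Sep  7 14:23:44 mail postfix/smtpd: NOQUEUE: reject: RCPT from mx.example.net[192.0.2.10]: 554 5.7.1 <news@domainX.com>: Sender address rejected: Access denied; from=<news@domainX.com> to=<admin@mail.example.com> proto=ESMTP helo=<mx.example.net>
"""

# Matches only the rejection produced by a REJECT entry in the check_sender_access table.
# The [pid] after postfix/smtpd is optional: the log excerpt above shows it without one.
REJECT_RE = re.compile(
    r"postfix/smtpd(?:\[\d+\])?: NOQUEUE: reject: RCPT from "
    r"(?P<host>\S+?)\[(?P<ip>[^\]]+)\]: 554 5\.7\.1 <(?P<sender>[^>]*)>: "
    r"Sender address rejected: Access denied; from=<[^>]*> to=<(?P<rcpt>[^>]*)>"
)


def parse_rejections(log_text):
    """Return one dict (host, ip, sender, rcpt) per sender-access rejection."""
    return [m.groupdict() for m in REJECT_RE.finditer(log_text)]


def rejections_by_domain(events):
    """Count rejections per sender domain, lower-cased for stable grouping."""
    return Counter(e["sender"].rsplit("@", 1)[-1].lower() for e in events)


if __name__ == "__main__":
    events = parse_rejections(SAMPLE_LOG)
    for domain, count in rejections_by_domain(events).most_common():
        print(f"{count:3d}  {domain}")
    for e in events:
        print(f"{e['ip']:15s} {e['sender']} -> {e['rcpt']}")
```

Other 554 rejections, such as the "Relay access denied" line in the sample, are deliberately not counted, so the totals reflect only hits on the sender block list.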