Bitbull Tech Notes - home of free minds ...

Restrict Zimbra Senders to Distribution List

Recently I had some spam on internal distribution lists.
That was too bad, because it was a first class credit card fake :-)
So I searched and found a simple way to only allow domain sender address to send email to distribution lists.
That solved my problem.

Here is how I did it:

zmprov modifyConfig zimbraMilterServerEnabled TRUE
zmmilterctl restart
zmmilterctl status

ZDOMAIN=mydomain.ch
zmprov gadl $ZDOMAIN | while read dl_email
do
   echo "---- deny all senders to $dl_email"
   zmprov grr dl $dl_email pub -sendToDistList
   echo "---- allow $ZDOMAIN senders to $dl_email"
   zmprov grr dl $dl_email dom $ZDOMAIN sendToDistList
done

zmmtactl reload

This is a good site to read more details:

https://wiki.zimbra.com/wiki/Enabling_and_administering_the_Zimbra_milter

 

 

Zimbra v 8.x DNS Blacklists

Since v8 Zimbra does not implement DNS Blacklists on their default config.

Here are my notes to get it back.

Check configuration:

zimbra@mail01:~$ zmprov gacf | grep zimbraMtaRestriction
zimbraMtaRestriction: reject_non_fqdn_sender
zimbraMtaRestriction: reject_unknown_sender_domain

Now add the blacklists:

zmprov mcf +zimbraMtaRestriction "reject_rbl_client zen.spamhaus.org"
zmprov mcf +zimbraMtaRestriction "reject_rhsbl_client dbl.spamhaus.org"
zmprov mcf +zimbraMtaRestriction "reject_rbl_client cbl.abuseat.org"   
zmprov mcf +zimbraMtaRestriction "reject_rbl_client bl.spamcop.net"
zmprov mcf +zimbraMtaRestriction "reject_rbl_client dnsbl.sorbs.net"
zmprov mcf +zimbraMtaRestriction "reject_rbl_client sbl.spamhaus.org"

Check configuration again:

zimbra@mail01:~$ zmprov gacf | grep zimbraMtaRestriction
zimbraMtaRestriction: reject_non_fqdn_sender
zimbraMtaRestriction: reject_unknown_sender_domain
zimbraMtaRestriction: reject_rbl_client zen.spamhaus.org
zimbraMtaRestriction: reject_rhsbl_client dbl.spamhaus.org
zimbraMtaRestriction: reject_rbl_client cbl.abuseat.org
zimbraMtaRestriction: reject_rbl_client bl.spamcop.net
zimbraMtaRestriction: reject_rbl_client dnsbl.sorbs.net
zimbraMtaRestriction: reject_rbl_client sbl.spamhaus.org

Test it:

[root@proxy1 ~]# telnet mail.mydomain.com 25
Trying 8.2.1.2...
Connected to mail.mydomain.com.
Escape character is '^]'.
220 mail.mydomain.com ESMTP Postfix
ehlo yahoo.com
250-mail.mydomain.com
250-PIPELINING
250-SIZE 20480000
250-VRFY
250-ETRN
250-STARTTLS
250-ENHANCEDSTATUSCODES
250-8BITMIME
250 DSN
mail from: gugu@yahoo.com
250 2.1.0 Ok
rcpt to: chris@mydomain.com
554 5.7.1 Service unavailable; Client host [8.7.5.1] blocked using zen.spamhaus.org; http://www.spamhaus.org/query/bl?ip=8.7.5.1
quit
221 2.0.0 Bye
Connection closed by foreign host.

Check logs:

root@mail01:~# /usr/local/bin/dnsblcount /var/log/zimbra.log
zen.spamhaus.org 1
=================================
Total DNSBL rejections: 1

 

 

 

Home