IP Whitelist RBL in Zimbra 7
OS : CentOS 5.6 64bit
ZCS : Release 7.1.0_GA_3140.RHEL5_64_20110329150833 CentOS5_64 FOSS edition.
[root@mail conf]# su zimbra [zimbra@mail conf]$ vi /opt/zimbra/conf/postfix_recipient_restrictions.cf
Add line 6 (highlight line) to postfix_recipient_restrictions.cf file
%%contains VAR:zimbraServiceEnabled cbpolicyd, check_policy_service inet:127.0.0.1:10031%% reject_non_fqdn_recipient permit_sasl_authenticated permit_mynetworks reject_unauth_destination check_client_access hash:/opt/zimbra/conf/allow_rbl reject_unlisted_recipient %%contains VAR:zimbraMtaRestriction reject_invalid_hostname%% %%contains VAR:zimbraMtaRestriction reject_non_fqdn_hostname%% %%contains VAR:zimbraMtaRestriction reject_non_fqdn_sender%% %%contains VAR:zimbraMtaRestriction reject_unknown_client%% %%contains VAR:zimbraMtaRestriction reject_unknown_hostname%% %%contains VAR:zimbraMtaRestriction reject_unknown_sender_domain%% %%explode reject_rbl_client VAR:zimbraMtaRestrictionRBLs%% %%contains VAR:zimbraMtaRestriction check_policy_service unix:private/policy%% permit
Create file allow_rbl in /opt/zimbra/conf
[zimbra@mail conf]$ vi /opt/zimbra/conf/allow_rbl
allow_rbl file inside :
114.57.xxx.xxx OK 202.155.xxx.xxx OK
Convert the allow_rbl file into maptype database file and restart MTA
[zimbra@mail conf]$ postmap /opt/zimbra/conf/allow_rbl [zimbra@mail conf]$ zmmtactl restart Rewriting configuration files...done. postfix/postfix-script: refreshing the Postfix mail system Stopping saslauthd...done. Starting saslauthd...done. [zimbra@mail conf]$