⬆️ ⬇️

How to make a black and white list in Zimbra

RBL (Realtime Blackhole List) services were the first effective anti-spam tool. They were arranged almost the same - there is a list of "bad" IP-addresses, access to which is carried out in real time via the DNS protocol. RBL mail servers, when receiving the next message, request a service (or several RBL services) about whether the sender's IP address is “bad” and, based on the RBL reply, either accept or reject the letter. Most server mailers can currently work with RBL services.

image



With Zimbra Collaboration Server 8.5 and later, you can maintain a blacklist of IP addresses to connect to Postfix. This is useful in the case of DOS and directed spam attack scenarios. Many clients use RBL to block spammers from flooding them with MTA spam. However, this does not always help to solve the problem when your server is already attacked. Starting with Zimbra Collaboration Server 8.5, you can create a database on disk, which allows you to maintain a specific black list of IP addresses.



Creating a Whitelist



1. Create a postfix_rbl_override file



root@unix:/# nano /opt/zimbra/conf/postfix_rbl_override



2. Add trusted IP addresses to the created file.

')

1.2.3.4 OK

5.6.7.8 OK




3. Execute the postmap command to save the settings in postfix. This command is executed from the user zimbra



root@unix:/# postmap /opt/zimbra/conf/postfix_rbl_override



4. Run the zmprov command to apply these changes to the Zimbra Collaboration Server.



root@unix:/# zmprov mcf +zimbraMtaRestriction 'check_client_access lmdb:/opt/zimbra/conf/postfix_rbl_override'



postmap must be run every time after the change.



Create a blacklist (blackList)



1. Create a postfix_blacklist file:



root@unix:/# nano /opt/zimbra/conf/postfix_blacklist



2. Add blocked IP addresses to the created file.



1.2.3.4 REJECT

5.6.7.8 REJECT




3. Execute the postmap command to save the settings in postfix. This command is executed from the user zimbra



root@unix:/# postmap /opt/zimbra/conf/postfix_blacklist



4. Run the zmprov command to apply these changes to the Zimbra Collaboration Server.



root@unix:/# zmprov mcf +zimbraMtaRestriction 'check_client_access lmdb:/opt/zimbra/conf/postfix_blacklist'



postmap must be run each time after the change.

Source: https://habr.com/ru/post/341804/



All Articles