whitelist&Blacklist

---

Configure whitelist and blacklist Zimbra Amavis Spam filtering

NOQUEUE: Postfix hasn’t assigned a queue-id to this message as of yet.

Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026: This means an email will be filtered through amavis. By default, all sender addresses will be triggered.

Whitelist | Blacklist a domain or email address on Zimbra Amavis

Create two files that will store the domains and email addresses you wish to whitelist or blacklist.

$ sudo touch /opt/zimbra/conf/{whitelist,blacklist}

All whitelists will be in the file /opt/zimbra/conf/whitelist, the blacklisted will be in the file /opt/zimbra/conf/blacklist. Example

$ cat /opt/zimbra/conf/whitelist

jmutai@example.com example.org

$ cat /opt/zimbra/conf/blacklist

spammer@example.com

fakedomain.com

Now you need to modify your /opt/zimbra/conf/amavisd.conf.in configuration file have checks on the two files we just added above.

read_hash(%whitelist_sender, '/opt/zimbra/conf/whitelist'); read_hash(%blacklist_sender, '/opt/zimbra/conf/blacklist');

After saving the changes, restart the amavis service.

# su - zimbra -c "zmamavisdctl restart"

You can now retry sending email from a blocked domain/address or whitelisted ones and see if the email is delivered.

Whitelist certain IP ranges on Zimbra Amavis

Assuming you trust a network e.g an internal network and would like to bypass checks for these networks, you can configure this on Amavis. First, you need to enable bypass feature which is disabled by default.

$ sudo su - zimbra

$ zmprov mcf zimbraAmavisOriginatingBypassSA TRUE

When it has been enabled, restart the following services related to Amavis.

$ zmantispamctl restart

$ zmantivirusctl restart

$ zmamavisdctl restart

Only then should Amavis bypass SpamAssassin for all messages originating internal trusted networks.

Check the setting for the current list of trusted networks

$ sudo su - zimbra

$ postconf mynetworks

$ zmprov gs `zmhostname` zimbraMtaMyNetworks

To update a list of trusted MTA networks, use the commands:

$ sudo su - zimbra

$ zmprov ms `zmhostname` zimbraMtaMyNetworks '127.0.0.0/8 10.0.0.0/8 192.168.3.0/22'

A point to note is that zmconfigd will automatically restart the MTA processes after this change is made. The zimbraMtaMyNetworks configuration is then included in Amavis in @mynetworks, which causes those IPs to be white-listed.

--