Whitelists and Blacklists
Whitelist and blacklist email in zimbra
Create Blacklist and whitelist file
#su - zimbra
$vim /opt/zimbra/conf/amavisd.conf.in (Make entry in below)
read_hash(\%whitelist_sender, '/opt/zimbra/whitelist');
read_hash(\%blacklist_sender, '/opt/zimbra/blacklist');
read_hash(\%spam_lovers, '/opt/zimbra/spamlovers');
From root
#touch /opt/zimbra/{whitelist,blacklist,spamlovers}
#chown zimbra:zimbra /opt/zimbra/{whitelist,blacklist,spamlovers}
#su - zimbra
$zmamavisdctl restart
$zmmtactl restart
Now Whitelist email
$vim /opt/zimbra/whitelist
accountname@domainname
domain_name
$zmmtactl restart
Now Blacklist email
$vim /opt/zimbra/blacklist
accountname@domainname
domain_name
$zmmtactl restart
---------------------------------------------------------------------------
add Whitelists and Blacklists on Zimbra
To add blackist or whitelist entries to your salocal.cf.in file.
[root@mail ~]# vi /opt/zimbra/conf/salocal.cf.in
blacklist_from *fenpropertyservices.co.uk
blacklist_from *marshallsestateagents.co.uk
whitelist_from m.rajesh@yahoo.com
whitelist_from ganesh@gmail.com
To set domain or IP level spam score in zimbra
[root@mail ~]# vi /opt/zimbra/conf/amavisd.conf.in
# To set white listed domain or IP (score -1 to -10 : default -5)
# read_hash(“/var/amavis/sender_scores_sitewide”),
{ # a hash-type lookup table (associative array)
‘nobody@cert.org’ => -3.0,
‘cert-advisory@us-cert.gov’ => -3.0,
# To set block listed domain or IP (score 1 to 10)
# soft-blacklisting (positive score)
‘sender@example.net’ => 3.0,
‘.example.net’ => 1.0,
‘.domain.com’ => 8.0,
————————————————————–
The simplest filtering methods for spamassasin are the blacklist and whitelist. Blacklist entries block all email from an address or domain, and whitelist entries bypass all filtering for an address or domain.
Restart Zimbra spamassassin by using following command.
[zimbra@mail root]$ zmmtactl restart && zmamavisdctl restart
---------------------------------
blacklist or Whitelist IP address/Hostname [postfix]
Many clients use RBLs to block spammers from flooding their MTAs with spam. Unfortunately, perfectly valid sites occasionally end up on these lists. With ZCS 8.5 and later, it is possible to create an on-disk database map that allows the client to whitelist specific blacklisted IPs so that emails from those IPs still get delivered.
To whitelist Edit file /opt/zimbra/conf/postfix_rbl_override and below parameter
1.2.3.4 OK
Now run postmap to apply changes in postfix
$postmap /opt/zimbra/conf/postfix_rbl_override
For zimbra 8.5, 8.6
$zmprov mcf +zimbraMtaRestriction 'check_client_access lmdb:/opt/zimbra/conf/postfix_rbl_override'
To blacklist Edit file /opt/zimbra/conf/postfix_blacklist . Add IP address SPACE REJECT to the file
1.2.3.4 REJECT
Run postmap command
$ postmap /opt/zimbra/conf/postfix_blacklist
For zimbra 8.5, 8.6
$zmprov mcf +zimbraMtaRestriction 'check_client_access lmdb:/opt/zimbra/conf/postfix_blacklist'
Restart service
$ zmmtactl restart
------------------------------------------------
How to whitelist and blacklist email using salocal.cf.in in zimbra
We can blacklist any email id and domain in zimbra mail server for decreasing spam mail manually. We can also whitelist domain or email id if you do not want this to receive in junk or due to any reason you do not receive mail from outside.
Blacklist email id and domain in zimbra using SpamAssassin config file
$vim /opt/zimbra/conf/salocal.cf.in (Make entry below of file)
blacklist_from *@domain.com
blacklist_from user@domain.com
Restart below service to take effect
$ zmmtactl restart && zmamavisdctl restart
Now, send testmail from outside. your mail will be discarded .
Whitelist email id and domain in zimbra
$vim /opt/zimbra/conf/salocal.cf.in (Make entry below of file)
whitelist_from *@domain.com
whitelist_from user@domain.com
Restart below service to take effect
$ zmmtactl restart && zmamavisdctl restart
Whitelist | Blacklist a domain or email address on Zimbra Amavis
Create two files that will store the domains and email addresses you wish to whitelist or blacklist.
$ sudo touch /opt/zimbra/conf/{whitelist,blacklist}
All whitelists will be in the file /opt/zimbra/conf/whitelist, the blacklisted will be in the file /opt/zimbra/conf/blacklist. Example
$ cat /opt/zimbra/conf/whitelist
jmutai@example.com example.org
$ cat /opt/zimbra/conf/blacklist
spammer@example.com
Now you need to modify your /opt/zimbra/conf/amavisd.conf.in configuration file have checks on the two files we just added above.
read_hash(%whitelist_sender, '/opt/zimbra/conf/whitelist'); read_hash(%blacklist_sender, '/opt/zimbra/conf/blacklist');
After saving the changes, restart the amavis service.
sudo su - zimbra -c "zmamavisdctl restart"
You can now retry sending email from a blocked domain/address or whitelisted ones and see if the email is delivered.
-----