Whitelists and Blacklists

 Whitelist and blacklist email in zimbra

Create Blacklist and whitelist file

#su - zimbra

$vim /opt/zimbra/conf/amavisd.conf.in  (Make entry in below)

read_hash(\%whitelist_sender, '/opt/zimbra/whitelist');

read_hash(\%blacklist_sender, '/opt/zimbra/blacklist');

read_hash(\%spam_lovers, '/opt/zimbra/spamlovers');

From root

#touch /opt/zimbra/{whitelist,blacklist,spamlovers}

#chown zimbra:zimbra /opt/zimbra/{whitelist,blacklist,spamlovers}

#su - zimbra

$zmamavisdctl restart

$zmmtactl restart

Now Whitelist email 

$vim /opt/zimbra/whitelist

accountname@domainname

domain_name

$zmmtactl restart

Now Blacklist email 

$vim /opt/zimbra/blacklist

accountname@domainname

domain_name

$zmmtactl restart

---------------------------------------------------------------------------

add Whitelists and Blacklists on Zimbra

To add blackist or whitelist entries to your salocal.cf.in file.

[root@mail ~]# vi /opt/zimbra/conf/salocal.cf.in

blacklist_from *fenpropertyservices.co.uk

blacklist_from *marshallsestateagents.co.uk

whitelist_from m.rajesh@yahoo.com

whitelist_from ganesh@gmail.com

To set domain or IP level spam score in zimbra

[root@mail ~]# vi /opt/zimbra/conf/amavisd.conf.in

# To set white listed domain or IP (score -1 to -10 : default -5)

#  read_hash(“/var/amavis/sender_scores_sitewide”),

{ # a hash-type lookup table (associative array)

nobody@cert.org’                        => -3.0,

     ‘cert-advisory@us-cert.gov’              => -3.0,

# To set block listed domain or IP (score 1 to 10)

# soft-blacklisting (positive score)

sender@example.net’                     =>  3.0,

     ‘.example.net’                           =>  1.0,

     ‘.domain.com’                              =>  8.0,

————————————————————–

The simplest filtering methods for spamassasin are the blacklist and whitelist. Blacklist entries block all email from an address or domain, and whitelist entries bypass all filtering for an address or domain.

Restart Zimbra spamassassin by using following command.

[zimbra@mail root]$ zmmtactl restart && zmamavisdctl restart

---------------------------------

blacklist or Whitelist IP address/Hostname [postfix]

Many clients use RBLs to block spammers from flooding their MTAs with spam. Unfortunately, perfectly valid sites occasionally end up on these lists. With ZCS 8.5 and later, it is possible to create an on-disk database map that allows the client to whitelist specific blacklisted IPs so that emails from those IPs still get delivered.

To whitelist Edit file /opt/zimbra/conf/postfix_rbl_override and below parameter

1.2.3.4 OK

Now run postmap to apply changes in postfix

$postmap /opt/zimbra/conf/postfix_rbl_override

For zimbra  8.5, 8.6

$zmprov mcf +zimbraMtaRestriction 'check_client_access lmdb:/opt/zimbra/conf/postfix_rbl_override'

To blacklist Edit file /opt/zimbra/conf/postfix_blacklist . Add IP address SPACE REJECT to the file

1.2.3.4 REJECT

Run postmap command 

$ postmap /opt/zimbra/conf/postfix_blacklist

For zimbra  8.5, 8.6

$zmprov mcf +zimbraMtaRestriction 'check_client_access lmdb:/opt/zimbra/conf/postfix_blacklist'

Restart service

$ zmmtactl restart

------------------------------------------------

How to whitelist and blacklist email using salocal.cf.in in zimbra

We can blacklist any email id and domain in zimbra mail server for decreasing spam mail manually.  We can also whitelist domain or email id if you do not want this to receive in junk or due to any reason you do not receive mail from outside.

Blacklist email id and domain in zimbra using SpamAssassin  config file

$vim /opt/zimbra/conf/salocal.cf.in         (Make entry below of file)

blacklist_from *@domain.com

blacklist_from user@domain.com

Restart below service to take effect

$ zmmtactl restart && zmamavisdctl restart

Now, send testmail from outside. your mail will be discarded .

Whitelist email id and domain in zimbra

$vim /opt/zimbra/conf/salocal.cf.in         (Make entry below of file)

whitelist_from *@domain.com

whitelist_from user@domain.com

Restart below service to take effect

$ zmmtactl restart && zmamavisdctl restart

Whitelist | Blacklist a domain or email address on Zimbra Amavis

Create two files that will store the domains and email addresses you wish to whitelist or blacklist.

$ sudo touch /opt/zimbra/conf/{whitelist,blacklist}

All whitelists will be in the file /opt/zimbra/conf/whitelist, the blacklisted will be in the file /opt/zimbra/conf/blacklist. Example

$ cat /opt/zimbra/conf/whitelist

jmutai@example.com example.org

$ cat /opt/zimbra/conf/blacklist

spammer@example.com

fakedomain.com

Now you need to modify your /opt/zimbra/conf/amavisd.conf.in configuration file have checks on the two files we just added above.

read_hash(%whitelist_sender, '/opt/zimbra/conf/whitelist'); read_hash(%blacklist_sender, '/opt/zimbra/conf/blacklist');

After saving the changes, restart the amavis service.

sudo su - zimbra -c "zmamavisdctl restart"

You can now retry sending email from a blocked domain/address or whitelisted ones and see if the email is delivered.

-----