------------https://dilliganesh.wordpress.com/category/zimbra/page/3/

zimbra user to check all user's mailbox size:-

su - zimbra all_accounts=`zmprov -l gaa`; for account in $all_accounts; do mbox_size=`zmmailbox -z -m $account gms`; echo "Mailbox size of $account = $mbox_size"; done ;

After running above commands you will get output in the below format:-

Mailbox size of user@example.com = 5.72 KB Mailbox size of user2@example.com = 1.38 KB Mailbox size of test@example.com = 0 B Mailbox size of test2@mydomain.com = 19.27 MB Mailbox size of supporttest@supportlab.in = 162.15 KB

How to change a Normal account to Admin account in Zimbra

This will create an additional admin account with the password of zimbra

# zmprov ca account_name@domain.com password zimbraIsAdminAccount TRUE

This will transform a normal existed user account into an admin account

# zmprov ma account_name@domain.com zimbraIsAdminAccount TRUE

How to set zimbra login redirect http to https

https://dilliganesh.wordpress.com/2016/09/21/how-to-set-zimbra-login-redirect-http-to-https/

Good way to you can enforce https encrpytion by redirecting http to https:

# su – zimbra

# zmtlsctl redirect

# zmcontrol stop

# zmcontrol start

Zimbra 8 Restriction for Postfix Senders/Recipient step by step

https://dilliganesh.wordpress.com/2014/04/07/zimbra-8-restriction-for-postfix-sendersrecipient-step-by-step/

We can change the below line on zmconfigd.cf for postfix restrictions

[zimbra@mail conf]$ vi /opt/zimbra/conf/zmconfigd.cf

POSTCONF  smtpd_recipient_restrictions  FILE  zmconfigd/smtpd_recipient_restrictions.cf  

change to  POSTCONF  smtpd_recipient_restrictions  FILE  zmconfigd/postfix_recipient_restrictions.cf

POSTCONF smtpd_reject_unlisted_recipient    no

change to POSTCONF smtpd_reject_unlisted_recipient    yes

Copy a smtpd_recipient_restrictions.cf  to postfix_recipient_restrictions.cf

[zimbra@mail conf]$ cp smtpd_recipient_restrictions.cf  postfix_recipient_restrictions.cf

Edit the postfix_recipient_restrictions.cf file and add the below line

[zimbra@mail conf]$ vi  postfix_recipient_restrictions.cf

%%contains VAR:zimbraServiceEnabled cbpolicyd, check_policy_service inet:localhost:@@cbpolicyd_bind_port@@%%

check_recipient_access hash:/opt/zimbra/postfix/conf/protected_recipients

Restart the zimbra configuration file..

[zimbra@mail conf]$ zmconfigdctl restart

Create the protected_recipients file and add the user sender list

[zimbra@mail conf]$ vi protected_recipients

block_id@example.com  permitted_sender_list

block_id1@example.com  permitted_sender_list1

Create the permitted_sender file and add the permitted sender user accounts list

[zimbra@mail conf]$ vi permitted_senders

allow_id@example.com ok

allow_id1@example.com ok

allow_id2@example.com ok

allow_id3@example.com ok

Create a update_protected_recipients file for execute the permitted sender list and protected recipient list

[zimbra@mail conf]$ vi update_protected_recipients

#!/bin/bash

echo “rebuild_permitted_recipients..”

postmap /opt/zimbra/postfix/conf/protected_recipients

echo “rebuild permitted_senders..”

postmap /opt/zimbra/postfix/conf/permitted_senders

echo “rebuild permitted_senders..”

postmap /opt/zimbra/postfix/conf/permitted_senders1

[zimbra@mail conf]$ chmod 755 update_protected_recipients

[zimbra@mail conf]$ /opt/zimbra/postfix/conf/update_protected_recipients

Edit the main.cf and add the following line in bottom..

[zimbra@mail conf]$ vi main.cf

permitted_senders_list = check_recipient_access hash:/opt/zimbra/postfix/conf/permitted_senders, reject

permitted_senders_list1= check_recipient_access hash:/opt/zimbra/postfix/conf/permitted_senders1, reject

smtpd_restriction_classes = permitted_senders_list , permitted_senders_list1 

[zimbra@mail conf]$ postfix reload

------------------------------------------------

How to Create auto Bcc for recipient mails for Zimbra 8.7

Auto bcc for recipient mails

[root@email ~]# su zimbra

[zimbra@email conf]$ cd /opt/zimbra/conf

[zimbra@email conf]$ pwd

/opt/zimbra/conf

[zimbra@email conf]$ vi recipient_bcc

mailer@lqs.co.in   copy_acc@lqs.co.in

[zimbra@email conf]$ cd ../common/conf/

[zimbra@email conf]$ pwd

/opt/zimbra/common/conf

[zimbra@email conf]$ vi main.cf

recipient_bcc_maps = lmdb:/opt/zimbra/conf/recipient_bcc

[zimbra@email conf]$ postmap /opt/zimbra/conf/recipient_bcc

[zimbra@email conf]$ postfix reload

How to Create auto Bcc for sender mails for Zimbra 8.7

Auto bcc for sender mails

[root@email ~]# su zimbra

[zimbra@email conf]$ cd /opt/zimbra/conf

[zimbra@email conf]$ pwd

/opt/zimbra/conf

[zimbra@email conf]$ vi sender_bcc

mailer@lqs.co.in   copy_acc@lqs.co.in

[zimbra@email conf]$ cd ../common/conf/

[zimbra@email conf]$ pwd

/opt/zimbra/common/conf

[zimbra@email conf]$ vi main.cf

add the following line in bottom

sender_bcc_maps = lmdb:/opt/zimbra/conf/sender_bcc

[zimbra@email conf]$ postmap /opt/zimbra/conf/sender_bcc

restart the zimbra postfix

[zimbra@email conf]$ postfix reload

How to change IP Address of Zimbra Mail Server

1. Check out the current value of postconf:

[root@mail /]# su zimbra

[zimbra@mail /]$ postconf mynetworks

mynetworks = 127.0.0.0/8 192.168.1.0/24 [::1]/128 [fe80::]/64

[zimbra@mail /]$

In this case our postfix will reply for all machines with 192.168.1.X serious all IP address

2. If you don’t want to allow relaying for the network, but only for the zimbra server itself, configure the server like this:

[zimbra@mail /]$ hostname

mail.ttdconline.com

[zimbra@mail /]$ zmprov ms mail.ttdconline.com zimbraMtaMyNetworks ‘127.0.0.1/8 192.168.1.200/24’

[zimbra@mail /]$ postfix reload

[zimbra@mail /]$ postconf mynetworks

mynetworks = 127.0.0.1/8 192.168.1.200/24

How to Enable TLS for SMTP Server in Zimbra

First, become user zimbra:

# su zimbra

Set postfix’s smtpd_tls_security_level to may by:

zmprov ms  mail.server.com zimbraMtaSmtpTlsSecurityLevel may

or

zmprov modifyServer mail.server.com zimbraMtaSmtpTlsSecurityLevel may

After done, restart MTA server by:

# zmmtactl restart

-------------------------------------------

Rejecting false "mail from" addresses

Zimbra Collaboration 8.5 and above

For Zimbra Collaboration 8.5 and above, please use the next commands to increase the security and reject the logins for users that doesn't exist in the LDAP:

zmprov mcf zimbraMtaSmtpdRejectUnlistedRecipient yes zmprov mcf zimbraMtaSmtpdRejectUnlistedSender yes zmmtactl restart zmconfigdctl restart

For Zimbra Collaboration 8.0.x and previous

Zimbra Collaboration 8.0.x

For Zimbra Collaboration 8.0.x, open the file /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf and add this line into the middle of the file, prior to the tag_as_foreign.re lines: Add this:

check_sender_access hash:/opt/zimbra/conf/domainrestrict

Should looks like:

... check_sender_access hash:/opt/zimbra/conf/domainrestrict %%contains VAR:zimbraServiceEnabled antivirus^ check_sender_access regexp:/opt/zimbra/postfix/conf/tag_as_foreign.re%%

Zimbra Collaboration 7.x

For Zimbra Collaboration 7.x you should follow the next steps:

su - zimbra  zmlocalconfig -e postfix_smtpd_sender_restrictions="reject_unknown_sender_domain, permit_mynetworks, permit_sasl_authenticated, check_sender_access hash:/opt/zimbra/conf/domainrestrict, permit"

Remaining steps are same for ZCS 8.0.x and previous versions

• • Create the file "/opt/zimbra/conf/domainrestrict" and add your domain(s) to it.

localdomain.com   REJECT  anotherlocaldomain.com   REJECT

You can also put some friendly/non-friendly message. Something like this.

localdomain.com   REJECT   You're not me!  anotherlocaldomain.com REJECT   You're not me!

• • Create the hash database of "/opt/zimbra/conf/domainrestrict". Run as 'zimbra' user.

postmap  /opt/zimbra/conf/domainrestrict

• • Restart zmmtactl.

zmmtactl stop  zmmtactl start

Restricting Users to Send mails to Certain Domains on Zimbra 8.5

1. Open file /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf and add this line at the top

check_sender_access lmdb:/opt/zimbra/postfix/conf/restricted_senders

2. Open file /opt/zimbra/conf/zmconfigd.cf and add those lines before RESTART mta. This is example on my system

POSTCONF    smtpd_restriction_classes  local_only POSTCONF    local_only  FILE  postfix_check_recipient_access.cf RESTART mta

3. Create a file /opt/zimbra/conf/postfix_check_recipient_access.cf and add the following line

check_recipient_access lmdb:/opt/zimbra/postfix/conf/local_domains, reject

4. Create a file “/opt/zimbra/postfix/conf/restricted_senders” and list all the users, whom you want to restrict. Follow this syntax:

user@yourdomain.com            local_only

5. Create a file “/opt/zimbra/postfix/conf/local_domains” and list all the domains where “restricted users” allowed to sent mails. Please follow this syntax:

yourdomain.com              OK  otheralloweddomain.com      OK

6. Run following commands

postmap /opt/zimbra/postfix/conf/restricted_senders postmap /opt/zimbra/postfix/conf/local_domains  zmmtactl stop  zmmtactl start

Please try to sending email to allowed domain and not allowed domain. If you insert new user on number 4 or new domain on number 5, don’t forget to running again number 6.

How To Block Emails Or Domains On Zimbra 8 MTA

1. Create a postfix_reject_sender file with the following command

Enter the email or domain that will be blocked according to the following example.

2. Enter the zimbraMtaSmtpdSenderRestrictions command

zmprov ms `zmhostname` +zimbraMtaSmtpdSenderRestrictions "check_sender_access lmdb:/opt/zimbra/common/conf/postfix_reject_sender"

3. Postmap the file you created using the following command

4. Restart MTA

5. To check zimbraMtaSmtpdSenderRestrictions successfully installed using the following command.

2. Restart MTA

How to Blacklist and Email Whitelists or Domains on Zimbra 8

Usually on the default zimbra score values ​​that are considered spam emails exceed 6.6. The score can be checked on the Original email, on the zimbra webclient in the Action > Show Original menu . As follows how it looks

Example

Example

2. Restart amavis

good luck

-----------