How To Restrict SASL Login/Access

-
# Open smtpd_sender_restrictions.cf

su - zimbra
vi /opt/zimbra/conf/zmconfigd/smtpd_sender_restrictions.cf

Add check_sasl_access lmdb:/opt/zimbra/conf/sasl_access above permit_sasl_authenticated. Please see example below

permit_mynetworks
check_sasl_access lmdb:/opt/zimbra/conf/sasl_access
permit_sasl_authenticated

# Save and create sasl_access

vi /opt/zimbra/conf/sasl_access

please fill it as follows

user1 REJECT Sorry, you cannot use SMTP for now
user1@imanudin.net REJECT Sorry, you cannot use SMTP for now

Note : You can change REJECT with HOLD or DISCARD. If using REJECT, all email from that user will be rejected and user getting error “Sorry, you cannot use SMTP for now”

# Save and postmap

postmap /opt/zimbra/conf/sasl_access

Below is an example when users getting restricted SASL access

saslauthd[31326]: auth_zimbra: user1@example.net auth OK
mail postfix/smtps/smtpd[11549]: NOQUEUE: filter: RCPT from subs30-116-206-xx-xx.three.co.id[116.206.xx.xx]: <user1@example.net>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=<user1@example.net> to=<user1@example.net> proto=ESMTP helo=
mail postfix/smtps/smtpd[11549]: NOQUEUE: reject: RCPT from subs30-116-206-xx-xx.three.

Comments

Post a Comment

Popular posts from this blog

Disabling Zimbra's AntiSpam, Amavis and AntiVirus filtering

-
 Check whether antispam and antivirus service is enabled currently on server using the given command zmprov -l gs <mail.example.com> | egrep -i 'serviceen|servicein'  The above command will list all the services which are currently installed and enabled on the server. Disable the antivirus and antispam services using the given commands zmprov -l ms <mail.example.com> -zimbraServiceEnabled antispam  zmprov -l ms <mail.example.com> -zimbraServiceEnabled amavis zmprov -l ms <mail.example.com> -zimbraServiceEnabled antivirus  Comment the following line in the file /opt/zimbra/postfix/conf/main.cf content_filter = smtp-amavis:[127.0.0.1]:10024  Restart services on server zmcontrol restart  Confirm that the antispam and antivirus services are disabled with the given command zmprov -l gs <mail.example.com> | egrep -i 'serviceen|servicein'  zmcontrol status 
Read more

Cambium cnPilot E400/E410/E500 Configuration Tutorial

-
Image
Basic Connectivity:   Router (Broadband/mikrotik |dhcp enabled) >>> E400/E410/E500 + LAPTOP Cambium (Powered ON) [POE port] >>>> LAPTOP [LAN port] Step 1: Open Cambium controller in the browser. Step 2: After entering in to the site click on the Onboard Device option from Home Tab of Left Panel. Step 3: In the Onboard Option, we will get Claim Device option to adopt a Cambium AP. Step 4: Now we will move to the Cambium AP configuration Part. Below are credentials of default login access of cnpilot E400/E410/E500/E410/E500. IP:192.168.0.1 Command Line Access: Username: admin Telnet: Disabled by default Password: admin SSH: Enabled by default (on standard port: 22) ***We can also use dhcp IP to login to the cnpilot E400/E410/E500. We will get login page. Step 5: We can see several TAB on left panel. On the DashBoard Tab, we will get some overall information. Some are useful for the configuration; some are useful for troubleshoo...
Read more

Error "Unable to retrive Zimbra GPG key for package validation"

-
From the installation log we see: Executing: /tmp/tmp.mSlzRMclVa/gpg.1.sh --keyserver keyserver.ubuntu.com --recv-keys 9BE6ED79 gpg: requesting key 9BE6ED79 from hkp server keyserver.ubuntu.com gpg: keyserver timed out gpg: keyserver receive failed: keyserver error 1. Open port 11371 11371 tcp,udp hkp OpenPGP HTTP Keyserver 2. Force it to use port 80: gpg --keyserver hkp://keyserver.ubuntu.com:80 --recv-keys 9BE6ED79 Ref: https://wiki.zimbra.com/wiki/Error_%22Unable_to_retrive_Zimbra_GPG_key_for_package_validation%22
Read more