I have setup zimbra 8.7.1 on centos 7.3
Restricted all protocols and DNS checks for MTA relay.
Unfortunatly, users says some legal people can't send email to them, for example from state.gov domain.
Also, our web-server can't send email to zimbra
Code: Select all
zmcontrol -v
Release 8.7.11_GA_1854.RHEL7_64_20170531151956 RHEL7_64 FOSS edition.
Code: Select all
zmprov gcf zimbraMtaRestriction
zimbraMtaRestriction: reject_invalid_helo_hostname
zimbraMtaRestriction: reject_non_fqdn_helo_hostname
zimbraMtaRestriction: reject_non_fqdn_sender
zimbraMtaRestriction: reject_unknown_client_hostname
zimbraMtaRestriction: reject_unknown_helo_hostname
zimbraMtaRestriction: reject_unknown_sender_domain
zimbraMtaRestriction: reject_rbl_client zen.spamhaus.org
zimbraMtaRestriction: reject_rhsbl_client dbl.spamhaus.org
zimbraMtaRestriction: reject_rhsbl_reverse_client dbl.spamhaus.org
zimbraMtaRestriction: reject_rhsbl_sender dbl.spamhaus.org
zimbraMtaRestriction: check_client_access lmdb:/opt/zimbra/conf/postfix_rbl_override
zimbraMtaRestriction: check_recipient_access lmdb:/opt/zimbra/conf/postfix_recipient_access
Is it possible to whitelist email user/IP/domain without disabling all zimbraMtaRestriction???
I need whitelist some user/IP/domain regardless all other checks (spam, av, postscreen, MTA and others).
Code: Select all
Here's log
3 17:56:51 post postfix/postscreen[32165]: CONNECT from [91.212.89.78]:44496 to [172.30.30.179]:25
Oct 23 17:56:51 post postfix/postscreen[32165]: PASS OLD [91.212.89.78]:44496
Oct 23 17:56:51 post postfix/smtpd[32166]: warning: hostname 91.212.89.78.ip.uzinfocom.uz does not resolve to address 91.212.89.78: Name or service not known
Oct 23 17:56:51 post postfix/smtpd[32166]: connect from unknown[91.212.89.78]
Oct 23 17:56:51 post postfix/smtpd[32166]: NOQUEUE: filter: RCPT from unknown[91.212.89.78]: <apache@www.mfa.uz>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=<apache@www.mfa.uz> to=<sms@mfa.uz> proto=ESMTP helo=<www.mfa.uz>
Oct 23 17:56:51 post postfix/smtpd[32166]: NOQUEUE: filter: RCPT from unknown[91.212.89.78]: <apache@www.mfa.uz>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10024; from=<apache@www.mfa.uz> to=<sms@mfa.uz> proto=ESMTP helo=<www.mfa.uz>
Oct 23 17:56:51 post postfix/smtpd[32166]: NOQUEUE: reject: RCPT from unknown[91.212.89.78]: 450 4.7.25 Client host rejected: cannot find your hostname, [91.212.89.78]; from=<apache@www.mfa.uz> to=<sms@mfa.uz> proto=ESMTP helo=<www.mfa.uz>
Oct 23 17:56:51 post postfix/smtpd[32166]: disconnect from unknown[91.212.89.78] ehlo=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=4/6
Oct 23 17:57:11 post postfix/postscreen[32165]: CONNECT from [213.230.96.176]:50436 to [172.30.30.179]:25
Oct 23 17:57:11 post postfix/postscreen[32165]: PASS OLD [213.230.96.176]:50436
Oct 23 17:57:12 post postfix/smtpd[32166]: warning: hostname 176.64.uzpak.uz does not resolve to address 213.230.96.176: Name or service not known
Oct 23 17:57:12 post postfix/smtpd[32166]: connect from unknown[213.230.96.176]
Oct 23 17:57:12 post postfix/smtpd[32166]: NOQUEUE: filter: RCPT from unknown[213.230.96.176]: <eso.sadullaev@uzbekenergo.uz>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10026; from=<eso.sadullaev@uzbekenergo.uz> to=<n.kuvondikov@mfa.uz> proto=ESMTP helo=<mail.uzbekenergo.uz>
Oct 23 17:57:12 post postfix/smtpd[32166]: NOQUEUE: filter: RCPT from unknown[213.230.96.176]: <eso.sadullaev@uzbekenergo.uz>: Sender address triggers FILTER smtp-amavis:[127.0.0.1]:10024; from=<eso.sadullaev@uzbekenergo.uz> to=<n.kuvondikov@mfa.uz> proto=ESMTP helo=<mail.uzbekenergo.uz>
Oct 23 17:57:12 post postfix/smtpd[32166]: NOQUEUE: reject: RCPT from unknown[213.230.96.176]: 450 4.7.25 Client host rejected: cannot find your hostname, [213.230.96.176]; from=<eso.sadullaev@uzbekenergo.uz> to=<n.kuvondikov@mfa.uz> proto=ESMTP helo=<mail.uzbekenergo.uz>
Oct 23 17:57:12 post postfix/smtpd[32166]: disconnect from unknown[213.230.96.176] ehlo=1 mail=1 rcpt=0/1 data=0/1 rset=1 quit=1 commands=4/6