Zimbra is not working with CBpolicyd

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
User avatar
Peter Parker
Posts: 8
Joined: Mon Apr 09, 2018 2:06 am
Location: Vietnam

Zimbra is not working with CBpolicyd

Post by Peter Parker »

Hi guys,

My boss said that he wants to limit sending message from domain local to outside and outside to any domain with maximum message 200 email/user/hour and he also wants to install Zimbra and Policyd on 2 hosts. So, I have installed on my lab 2 hosts with a scenario as below:

Host A: Zimbra Server. I have checked zmcontrol status as well as tested send and receive email, everything is fine right now. As you can see below with zmcontrol status.
[zimbra@mail root]$ zmcontrol status
Host mail.fanicatest.com
amavis Running
antispam Running
antivirus Running
dnscache Stopped
dnscache is not running.
ldap Running
logger Running
mailbox Running
memcached Running
mta Running
opendkim Running
proxy Running
service webapp Running
snmp Running
spell Running
stats Running
zimbra webapp Running
zimbraAdmin webapp Running
zimlet webapp Running
zmconfigd Running


Host B: CBpolicyd. I have installed successfully CBpolicyd, I can access to my Policy Web Administrator, then I have configured Rate Limit Sending Message on PolicyD.

[root@policy ~]# netstat -anltp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 172.16.9.75:10031 0.0.0.0:* LISTEN 1327/perl
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1274/httpd
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1257/sshd
tcp 0 0 172.16.9.75:22 172.16.9.82:50934 ESTABLISHED 1562/sshd: root@pts
tcp 0 0 172.16.9.75:22 172.16.9.82:51331 ESTABLISHED 1785/sshd: root@pts
tcp 0 96 172.16.9.75:22 172.16.9.82:50938 ESTABLISHED 1627/sshd: root@pts
tcp 0 0 172.16.9.75:22 172.16.9.82:50502 ESTABLISHED 1288/sshd: root@pts
tcp6 0 0 :::3306 :::* LISTEN 1088/mysqld
tcp6 0 0 :::22 :::* LISTEN 1257/sshd

[root@policy ~]# tail -f /var/log/cbpolicyd.log
[2018/04/09-05:21:11 - 1327] [CORE] NOTICE: => CheckSPF: enabled
[2018/04/09-05:21:12 - 1327] [CORE] NOTICE: => Greylisting: enabled
[2018/04/09-05:21:12 - 1327] [CORE] NOTICE: => Quotas: enabled
[2018/04/09-05:21:12 - 1327] [CORE] NOTICE: => Protocol(Postfix): enabled
[2018/04/09-05:21:12 - 1327] [CORE] NOTICE: => Protocol(Bizanga): enabled
[2018/04/09-05:21:12 - 1327] [CBPOLICYD] NOTICE: Module load done.
[2018/04/09-05:21:12 - 1327] [CORE] NOTICE: 2018/04/09-05:21:12 cbp (type Net::Server::PreFork) starting! pid(1327)
[2018/04/09-05:21:12 - 1327] [CORE] NOTICE: Binding to TCP port 10031 on host 172.16.9.75 with IPv4
[2018/04/09-05:21:12 - 1327] [CORE] WARNING: Group Not Defined. Defaulting to EGID '0'
[2018/04/09-05:21:12 - 1327] [CORE] WARNING: User Not Defined. Defaulting to EUID '0'

Next, I have configured Zimbra to work with CBPolicyD with the command line as below: (172.16.9.75 IP Address of host B)

zmlocalconfig -e postfix_enable_smtpd_policyd=yes
zmprov mcf +zimbraMtaRestriction "check_policy_service inet:172.16.9.75:10031"
zmlocalconfig -e cbpolicyd_log_level=4; zmlocalconfig -e cbpolicyd_log_detail=modules,tracking,policies; zmlocalconfig -e cbpolicyd_module_accesscontrol=1 cbpolicyd_module_checkhelo=1 cbpolicyd_module_checkspf=1 cbpolicyd_module_greylisting=1 cbpolicyd_module_quotas=1


Next, I have tested with a few emails to see log on CBPolicyD. But, I didn't see anything else different occur here. I think that Zimbra and CbPolicyD not interact with each other.

So, Does anyone else can help me debug it? or give me a few ideas to configure Zimbra work with CBPolicyD.

Thank for your help!
smwadek
Posts: 2
Joined: Sun Apr 01, 2018 11:13 am

Re: Zimbra is not working with CBpolicyd

Post by smwadek »

Pls follow this site previously on zimbra 8.8 opensource edition i am able to successfully configure cbpolicyd service (other tutorial on cbpolicyd is present on this site with video)

https://imanudin.net/2014/09/08/how-to- ... imbra-8-5/
https://imanudin.net/2014/09/12/zimbra- ... cyd-webui/


//BR
WAHID
aer4a
Posts: 1
Joined: Sat Jun 16, 2018 3:37 am

Re: Zimbra is not working with CBpolicyd

Post by aer4a »

Pls follow this site previously on zimbra 8.8 opensource edition i am able to successfully configure cbpolicyd service (other tutorial on cbpolicyd is present on this site with video)

https://imanudin.net/2014/09/08/how-to- ... imbra-8-5/
https://imanudin.net/2014/09/12/zimbra- ... cyd-webui/
Your tutorials are no longer applicable to version 8.8.

There are some changes I believe. Example, I have configured and run cbpolicyd, and was unable to access web console except for the It works! default message at this url http://myzimbra.com:7780/
no file at http://myzimbra.com:7780/webui/index.php .

I will only use the sqlite3 cli to manage this as I do not know where to locate the policyd web console if there is one.
yeeP6rai
Posts: 41
Joined: Mon Feb 12, 2018 10:16 am

Re: Zimbra is not working with CBpolicyd

Post by yeeP6rai »

aer4a wrote:
Pls follow this site previously on zimbra 8.8 opensource edition i am able to successfully configure cbpolicyd service (other tutorial on cbpolicyd is present on this site with video)

https://imanudin.net/2014/09/08/how-to- ... imbra-8-5/
https://imanudin.net/2014/09/12/zimbra- ... cyd-webui/
Your tutorials are no longer applicable to version 8.8.

There are some changes I believe. Example, I have configured and run cbpolicyd, and was unable to access web console except for the It works! default message at this url http://myzimbra.com:7780/
no file at http://myzimbra.com:7780/webui/index.php .

I will only use the sqlite3 cli to manage this as I do not know where to locate the policyd web console if there is one.

Code: Select all

ln -s /opt/zimbra/common/share/webui /opt/zimbra/data/httpd/htdocs/webui

Code: Select all

mcedit /opt/zimbra/data/httpd/htdocs/webui/includes/config.php

$DB_DSN="sqlite:/opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb";
$DB_USER="root";
$DB_TABLE_PREFIX="";
Post Reply