Wiki says how to add but not how to remove

[zim_mike]

On my zimbra 8.7 server, I followed this document.
https://wiki.zimbra.com/wiki/Specific_W ... ist_per_IP

Whitelist Edit /opt/zimbra/conf/postfix_rbl_override. Add IP address(es) SPACE OK to the file, one IP address per line:
1.2.3.4 OK

Run the postmap to save and apply the changes in Postfix:
postmap /opt/zimbra/conf/postfix_rbl_override

Run the zmprov to apply the changes to the Zimbra Collaboration Server:
zmprov mcf +zimbraMtaRestriction 'check_client_access lmdb:/opt/zimbra/conf/postfix_rbl_override'

I added the file and information which didn't work so now want to remove this. How can I do this?

I was trying to allow this domain to send since I am not sure if they have the problem or if it is on our mail server. It seems their server is not configured correctly because of the .local I see.

Nov 20 10:01:34 mx postfix/smtpd[25510]: NOQUEUE: reject: RCPT from mx1.in-domain.com[xx.xx.xx.30]: 450 4.7.1 <NFP-MSX.indomain-two.local>: Helo command rejected: Host not found; from=<send@in-domain.com> to=<me@home.com> proto=ESMTP helo=<NFP-MSX.indomain-two.local>

I replaced the actual information for discretion. Hope that haven't completely convoluted this.

[fs.schmidt]

Hello,

I think that you could remove it just changing the operator (-zimbraMtaRestriction):

Code: Select all

zmprov mcf -zimbraMtaRestriction 'check_client_access lmdb:/opt/zimbra/conf/postfix_rbl_override'

The sender was blocked due to a HELO restriction. It would be a "check_helo_access" instead of "check_client_access".

Best regards.

[zim_mike]

No need to re-run the postmap command then, just use - to remove?
Also, do you know why this did not work?

The only way I was able to r eceive the email from that domain was by adding it's IP like this;
zmprov ms mx.unrealmachines.com zimbraMtaMyNetworks 'x.x.x.x/32
This seems to be the wrong way as this would allow relaying etc.

And, are you confirming that the issue is with the sender and not our mail server?

[fs.schmidt]

No need to re-run the postmap command then, just use - to remove?
Also, do you know why this did not work?

The only way I was able to r eceive the email from that domain was by adding it's IP like this;
zmprov ms mx.unrealmachines.com zimbraMtaMyNetworks 'x.x.x.x/32
This seems to be the wrong way as this would allow relaying etc.

And, are you confirming that the issue is with the sender and not our mail server?

1. Since you are disabling the configuration, you won't need the file anymore so you can just remove the configuration and wait postfix reload automatically.

2. The problem is with the sender. The host informed when his server presents itself is an internal name: NFP-MSX.indomain-two.local. The host informed on HELO must be a public and valid DNS record.

3. If you are desperate to receive emails from this sender you could temporarily disable HELO tests in MTA configuration. I mean temporarily until you find a better solution.

Best regards.

[zim_mike]

Thank you for the additional information.

I'm glad that you are able to confirm the problem was not with my mail server.
I do not know of any other way right now. I searched the net all day trying to find a way to allow this domain.
Nothing I tried worked however, only allowing relay did.