Policyd has module access control. This module can use for some aims as improving anti spam reject unlisted domain like article has been wrote before. Module access control also can use for restrict users sending to certain users/domains and this article will explain how to apply.
Assume you have been install and configure policyd like the following article How To Install PolicyD on Zimbra 8.5. For information, i have user with name user1@imanudin.net. This user can sending to domain local only (imanudin.net) and deny to other domain.
Open policyd webui onhttp://ZimbraServer:7780/webui/index.php. First, create users and domains group.
Select Groups. Add new group and given name users_local_only. Add member users to group users_local_only. Don’t forget to change status disable yes become no. Add new group and given name list_domain. Add member domains to group list_domain. Don’t forget to change status disable yes become no. See the following pictures
Select Policies | Main. Create new policy and given name Sending Local Only. Give priority 30 and fill description with information about your policy. Add member to new policy and fill on source with group users_local_onlyand on destination with group list_domain but with reverse status.Don’t forget to change status disable yesbecome no. See the following pictures
Now, you must define access to new policy has been created. Select Access Control | Configure. Add new access control and given name Sending Local Only. Select Sending Local Only on link to policy and reject on verdict. Give information about why email cannot sending on data like “Sorry, you cannot sending to outside”. See the following pictures
Don’t forget to change status disable yes become no
Enable policyd accesscontrol and restart policyd service
1.
su
- zimbra
2.
zmprov ms `zmhostname` zimbraCBPolicydAccessControlEnabled TRUE
3.
zmcbpolicydctl restart
Please try to sending email from user1@imanudin.net to outside and see the log information on /opt/zimbra/log/cbpolicyd.log and /var/log/zimbra.log to debug.
Good luck and hopefully useful
Blogger Comment
Facebook Comment