• Home
  • Free Stuff
  • About
  • Contact

Zimbra Tips : PolicyD & Rate-Limit Sending Message Implementation on Zimbra 8

February 6, 2014

From PolicyD website : Policyd v2 (codenamed “cluebringer”) is a multi-platform policy server for popular MTAs. This policy daemon is designed mostly for large scale mail hosting environments. The main goal is to implement as many spam combating and email compliance features as possible while at the same time maintaining the portability, stability and performance required for mission critical email hosting of today. Most of the ideas and methods implemented in Policyd v2 stem from Policyd v1 as well as the authors’ long time involvement in large scale mail hosting industry.

PolicyD can be integrated into Zimbra to add an anti spam layer, especially for rate-limit sending message. We can set maximum messages both for receiving and sending policy and prevent mail server IP address to be blacklisted due to spam message to outside network.

vmware_zimbra_logoPolicyD activation procedure on Zimbra 8 is slightly different from the procedures on previous version. Some of  features on PolicyD include Access Control, amavis, CheckHelo, CheckSPF, Greylisting, Quotas and Accounting. The new features can be configured through the Web Administration Policyd as well as standard feature.

Below are PolicyD activation procedure on Zimbra 8, fully tested on Zimbra 8.0.6, the latest version of the time this article was written.

ACTIVATING POLICYD ADDON

[code language=”bash”]
su – zimbra
zmprov ms `zmhostname` +zimbraServiceInstalled cbpolicyd +zimbraServiceEnabled cbpolicyd
zmlocalconfig -e postfix_enable_smtpd_policyd=yes
zmprov mcf +zimbraMtaRestriction “check_policy_service inet:127.0.0.1:10031”

zmlocalconfig -e cbpolicyd_log_level=4; zmlocalconfig -e cbpolicyd_log_detail=modules,tracking,policies; zmlocalconfig -e cbpolicyd_module_accesscontrol=1 cbpolicyd_module_checkhelo=1 cbpolicyd_module_checkspf=1 cbpolicyd_module_greylisting=1 cbpolicyd_module_quotas=1

zmcontrol restart
exit
[/code]

WEB UI ACTIVATION FOR POLICYD MANAGEMENT
Run the following command by using root permission
[code language=”bash”]
cd /opt/zimbra/httpd/htdocs/ && ln -s ../../cbpolicyd/share/webui
[/code]

Modify file /opt/zimbra/cbpolicyd-2.1.0-beta/share/webui/includes/config.php (vi /opt/zimbra/cbpolicyd-2.1.0-beta/share/webui/includes/config.php) and mark a comment (#) to the line begining with: $DB_DSN and add the following code before line begining with : $DB_USER

[code language=”bash”]
$DB_DSN=”sqlite:/opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb”;
[/code]

Reload Web UI (http) service with the following command :
[code language=”bash”]
cd /srv/
wget -c http://devlabs.linuxassist.net/attachments/download/230/cluebringer-snapshot-2.1.x-201205100639.tar.gz
tar -zxvf cluebringer-snapshot-2.1.x-201205100639.tar.gz
cd cluebringer-snapshot-2.1.x-201205100639/webui/
cp *.php *.css /opt/zimbra/cbpolicyd/share/webui/
su – zimbra -c “zmapachectl restart”
[/code]

Try to open PolicyD web management by accessing the following URL : http://IpAddressOfZimbra:7780/webui/index.php, the correct result should be similar as below :

policyD_webadmin

PolicyDSpamZimbra
Share

Linux

Masim "Vavai" Sugianto
Traveller, Open Source Enthusiast & Book Lover. Works as Independent Worker & Self-Employer.

4 Comments


xnohat
November 25, 2014 at 04:11
Reply

Small notes for someone cannot access to Web UI from internet

Default installation of Zimbra CS Firewall ( IPTables ) doesn’t allow to any access to port 7780 ( zimbra apache ). To access this page from outside after all setup above you need edit /etc/sysconfig/iptables by root right

vi /etc/sysconfig/iptables

Add a line

-A INPUT -m state –state NEW -m tcp -p tcp –dport 7780 -j ACCEPT

right before line

-A INPUT -j REJECT –reject-with icmp-host-prohibited

Save file

Restart iptables by command

service iptables restart

Notes: instruction above for CentOS/Fedora/RHEL



paukacang
May 20, 2015 at 13:38
Reply

i try to install on ubuntu server. but cant access webui. can u guide me??



Masim "Vavai" Sugianto
May 20, 2015 at 13:48
Reply

Hi,

Is there any error message?

Vavai



verry
July 16, 2015 at 08:54
Reply

Dear mas vai

blank kosong pak php nya, kenapa ya

error sih nggak tp blank aja pas dipanggil index.php



Leave a Reply to paukacang Cancel reply

Your email address will not be published. Required fields are marked *

  • Recent Posts

    • Life goes On : Farming
    • Pursuing FIRE in Indonesia : Are You Prepared For A Recession?
    • VirtualBox Error Kernel Driver not Installed (rc=-1908) on Zorin OS 15.2
    • ZorinOS on Intel NUC Hades Canyon Series NUC817HVK
    • Banana Farm
    • Zorin OS 15.2 Ultimate
    • Haraka and LDAP Authentication with Zimbra
    • Market Crash
    • Yoga Studio
    • Portfolio Update : February 2020



© Copyright LetsBlog Theme Demo - Theme by ThemeGoods