How To Restrict Users Sending to Certain Users/Domains With Policyd

Home » Zimbra » How To Restrict Users Sending to Certain Users/Domains With Policyd
Zimbra 106 Comments

Policyd has module access control. This module can use for some aims as improving anti spam reject unlisted domain like article has been wrote before. Module access control also can use for restrict users sending to certain users/domains and this article will explain how to apply.

Assume you have been install and configure policyd like the following article How To Install PolicyD on Zimbra 8.5. For information, i have user with name user1@imanudin.net. This user can sending to domain local only (imanudin.net) and deny to other domain.

Open policyd webui on http://ZimbraServer:7780/webui/index.php. First, create users and domains group.

Select Groups. Add new group and given name users_local_only. Add member users to group users_local_only. Don’t forget to change status disable yes become no. Add new group and given name list_domain. Add member domains to group list_domain. Don’t forget to change status disable yes become no. See the following pictures

policyd-members-users

policyd-members-groups

policyd-groups-info

Select Policies | Main. Create new policy and given name Sending Local Only. Give priority 30 and fill description with information about your policy. Add member to new policy and fill on source with group users_local_only and on destination with group list_domain but with reverse status.Don’t forget to change status disable yes become no. See the following pictures

policy-local-only

Now, you must define access to new policy has been created. Select Access Control | Configure. Add new access control and given name Sending Local Only. Select Sending Local Only on link to policy and reject on verdict. Give information about why email cannot sending on data like “Sorry, you cannot sending to outside”. See the following pictures

access-control-policy

Don’t forget to change status disable yes become no

Enable policyd accesscontrol and restart policyd service

su - zimbra
zmprov ms `zmhostname` zimbraCBPolicydAccessControlEnabled TRUE
zmcbpolicydctl restart

Please try to sending email from user1@imanudin.net to outside and see the log information on /opt/zimbra/log/cbpolicyd.log and /var/log/zimbra.log to debug.

Good luck and hopefully useful 😀

106 thoughts on - How To Restrict Users Sending to Certain Users/Domains With Policyd

1 2

LEAVE A COMMENT