Script Automatic Configure CBPolicyd on Zimbra 8.5

Posted by

Still talking about CBPolicyd. I have been wrote some article about CBPolicyd and how to using it. For easy configure and install CBPolicyd on Zimbra 8.5, i have been wrote simple script for automatically install and configure it. This simple script will automatically :

  1. Install and enable PolicyD on Zimbra 8.5
  2. How To Configure Rate Limit Sending Message on PolicyD
  3. Improving Anti Spam : Reject Unlisted Domain on Zimbra 8.5
  4. How To Protect Policyd WebUI

The script can download at this link automatic-policyd-zcs8.5.sh or you can also use wget for downloading

cd /srv/
wget -c https://imanudin.net/wp-content/uploads/2014/09/automatic-policyd-zcs8.5.sh
chmod +x automatic-policyd-zcs8.5.sh
sh automatic-policyd-zcs8.5.sh

You just should press key enter to automatic configure CBPolicyd 😀 .

Good luck and hopefully useful 😀

54 comments

  1. Hi iman !
    Do you know if there is a way to run a script (or other way) to lock an account once it reaches a quota ?

    1. Hi Vikram,

      You can test after add your domain. If it works, the service CBPolicyD unnecessary to restart. If not work, you can restart CBPolicyD services with command su – zimbra -c “zmcbpolicydctl restart”

  2. Hi,
    my zimbra outgoing mail spam. what i do. please help me.
    Linode Server, Zimbra 8.6, CentOS lates

    Thansk.

    1. Hi Madura,

      You can check who users often spamming on mailq. Change password for that users and flush email spam on queue

  3. Hi Iman,

    Many thanks for your article and the support.

    I have downloaded your script “automatic-policyd-zcs8.5.sh” and installed in our zimbra 8.6 to enable SPF for incoming emails. The cbpolicyd.log shows that SPF check is enabled, but when I check the logs or show original content of emails I can see SPF headers. I’m not sure what I’m missing.

    Please do let me know , is there anything else I need to do a part from running your script enable SPF check.

    Awaiting for your reply.

    Thank you.
    Ramesh

  4. Hi Iman,

    I have installed script in Zimbra 8.0.2, but Access Control “Reject Unlisted Domain” not working.
    I have domain1.com in policy group “list_domain”, domain2.com isn’t in “list_domain”. But, email@domain2.com still sent out.

    Thanks.

  5. hi iman,

    need your help, i follow your guide setup on policyd but i can’t add any policies, when I submit the added policies no error occured but the policies was not added to database.

    i try to used your automatic-policyd.sh but i have error, all tables are missing on db.

    How can i insert all the tables?
    Appreciate your help..
    Thanks!

    i have ZCS 8.6

    ===> [*] INFO : Configuring Rate Limit Sending Message and Reject Unlisted Domain

    Manual Process
    ————————————————————————-
    touch /tmp/policyd.sql
    echo ‘delete from policy_groups where id=100;’ > /tmp/policyd.sql
    echo ‘delete from policy_group_members where id=100;’ >> /tmp/policyd.sql
    echo ‘delete from policies where id=100;’ >> /tmp/policyd.sql
    echo ‘delete from policy_members where id=100;’ >> /tmp/policyd.sql
    echo ‘delete from access_control where id=100;’ >> /tmp/policyd.sql
    echo ‘delete from policies where id=101;’ >> /tmp/policyd.sql
    echo ‘delete from policy_members where id=101;’ >> /tmp/policyd.sql
    echo ‘delete from policy_members where id=102;’ >> /tmp/policyd.sql
    echo ‘delete from quotas where id=101;’ >> /tmp/policyd.sql
    echo ‘delete from quotas_limits where id=101;’ >> /tmp/policyd.sql
    echo ‘insert into policy_groups values(100,’list_domain’,0,0);’ >> /tmp/policyd.sql
    echo ‘insert into policy_group_members values(100,100,’@zimbratest.com’,0,0);’ >> /tmp/policyd.sql
    echo ‘insert into policies values(100,’Reject Unlisted Domain’,20,’Reject Unlisted Domain’,0);’ >> /tmp/policyd.sql
    echo ‘insert into policy_members values(100,100,’!%list_domain’,’!%list_domain’,0,0);’ >> /tmp/policyd.sql
    echo ‘insert into access_control values(100,100,’Reject Unlisted Domain’,’REJECT’,’Sorry, you are not authorized to sending email’,’Reject Unlisted Domain’,0);’ >> /tmp/policyd.sql
    echo ‘insert into policies values(101,’Rate Limit Sending Message’,21,’Rate Limit Sending Message’,0);’ >> /tmp/policyd.sql
    echo ‘insert into policy_members values(101,101,’%list_domain’,’!%list_domain’,0,0);’ >> /tmp/policyd.sql
    echo ‘insert into policy_members values(102,101,’!%list_domain’,’any’,0,0);’ >> /tmp/policyd.sql
    echo ‘insert into quotas values(101,101,’Rate Limit Sending Message’,’Sender:user@domain’,3600,’DEFER’,’Max sending email have been full at last 3600s’,0,’Rate Limit Sending Message’,0);’ >> /tmp/policyd.sql
    echo ‘insert into quotas_limits values(101,101,’MessageCount’,300,’Rate Limit’,0);’ >> /tmp/policyd.sql
    su – zimbra -c “sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb < /tmp/policyd.sql"
    su – zimbra -c "zmcbpolicydctl restart"
    ————————————————————————-
    Press key Enter for configure

    Error: near line 1: no such table: policy_groups
    Error: near line 2: no such table: policy_group_members
    Error: near line 3: no such table: policies
    Error: near line 4: no such table: policy_members
    Error: near line 5: no such table: access_control
    Error: near line 6: no such table: policies
    Error: near line 7: no such table: policy_members
    Error: near line 8: no such table: policy_members
    Error: near line 9: no such table: quotas
    Error: near line 10: no such table: quotas_limits
    Error: near line 11: no such table: policy_groups
    Error: near line 12: no such table: policy_group_members
    Error: near line 13: no such table: policies
    Error: near line 14: no such table: policy_members
    Error: near line 15: no such table: access_control
    Error: near line 16: no such table: policies
    Error: near line 17: no such table: policy_members
    Error: near line 18: no such table: policy_members
    Error: near line 19: no such table: quotas
    Error: near line 20: no such table: quotas_limits
    Stopping policyd… done.
    Starting policyd…done.

  6. Hi iman,
    I use zimbra 8.0.7.
    When i use ur script for version 8.0.x its not generate any value even table in /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb.

    When i try use
    https://forums.zextras.com/zimbra-howto/403-howto-enabling-cbpolicyd-zimbra-8-0-0-8-0-1-a.html
    table is success created, but some table not create like policies.

    this is the error message
    Error: near line 1: unrecognized token: “#”
    Error: near line 43: no such table: policies
    Error: near line 44: no such table: policies
    Error: near line 45: no such table: policies
    Error: near line 46: no such table: policies
    Error: near line 47: no such table: policies
    Error: near line 51: table policy_members already exists
    Error: near line 96: table policy_groups already exists
    Error: near line 110: column Name is not unique
    Error: near line 111: column Name is not unique
    Error: near line 116: table policy_group_members already exists
    Error: near line 139: table session_tracking already exists
    Error: near line 169: index session_tracking_idx1 already exists
    Error: near line 170: index session_tracking_idx2 already exists
    Error: near line 174: unrecognized token: “#”
    Error: near line 215: unrecognized token: “#”
    Error: near line 265: no such table: quotas
    Error: near line 266: no such table: quotas
    Error: near line 270: table quotas_limits already exists
    Error: near line 290: table quotas_tracking already exists
    Error: near line 303: index quotas_tracking_idx1 already exists
    Error: near line 305: unrecognized token: “#”
    Error: near line 449: no such table: amavis_rules
    Error: near line 464: unrecognized token: “#”
    Error: near line 521: table checkhelo_blacklist already exists
    Error: near line 533: column Helo is not unique
    Error: near line 536: column Helo is not unique
    Error: near line 539: column Helo is not unique
    Error: near line 542: column Helo is not unique
    Error: near line 548: table checkhelo_whitelist already exists
    Error: near line 563: table checkhelo_tracking already exists
    Error: near line 570: index checkhelo_tracking_idx1 already exists
    Error: near line 572: unrecognized token: “#”
    Error: near line 619: unrecognized token: “#”
    Error: near line 689: table greylisting_whitelist already exists
    Error: near line 704: table greylisting_autowhitelist already exists
    Error: near line 720: table greylisting_autoblacklist already exists
    Error: near line 735: table greylisting_tracking already exists
    Error: near line 749: index greylisting_tracking_idx1 already exists
    Error: near line 751: unrecognized token: “#”
    Error: near line 810: table accounting_tracking already exists
    Error: near line 825: index accounting_tracking_idx1 already exists

    when i create some value in policy menu via web ui the value not save..
    whats step i missing in?
    Or maybe, you share your cbpolicyd.sqlitedb please ?
    Appreciate your help mas iman…
    Thanks!

  7. Hi Iman,
    is there any option to restrict web-mail access for specific Email Ids in Zimbra 8.7 Open source.
    I’m checking with cos but no luck.
    and how to zimbra admin console delegation for jr admins.
    i need script for both.
    Please help me on this

  8. Hi Iman,
    how to migrate zimbra from one server to another with new domain name:
    for example:My old email in old server is “suresh@abc.com”
    i have installed new server with new domain name i need to move the my suresh@abc.com to new server with suresh@xyz.com with entire old mail box also.
    Please help i have almost 600+ users in old domain.
    i need to move the all the users to new server with new domain name.
    i’m using pst import tool but it’s taking long time to import.
    any third party tools available for importing one domain to another doamin.

  9. I’m using ZimbraMigration_8.6.0.1307_x86 tool for importing pst to new server but it is taking 1gb PST 5 mins for user. i need to do 600+ some users are having 5 gb data, most of the users using webmail only. i tried account migration from zimbra that is notworking.

  10. Thanks Iman,

    I have successfully imported my old emails data to new emails through below edit
    # Configuration file for zmztozmig with all necessary settings
    #
    #Source ZCS server IP/name,admin user name and password, server port
    SourceZCSServer=10.0.0.50
    SourceAdminUser=admin@abc.com
    SourceAdminPwd=Password
    SourceAdminPort=7071
    #
    #Destination/Target ZCS server IP/name,admin user name and password, server port
    TargetZCSServer=10.0.0.100
    TargetAdminUser=admin@xyz.com
    TargetAdminPwd=Password
    TargetAdminPort=7071

  11. dear iman ,
    most of my mails are in deferred and while checking the error msg its saying like refused to talk to me 554.5.7.1 your not allow

    please help me on this

    amithraj

  12. dear iman,
    unwanted mail flows through my mail sever with my domain they all spam how can i stop it please help me

    thanks
    amithrajc

  13. Hi Iman,
    I’m very new in configuration and linux too.
    Using Ubuntu 18.04 server with Zimbra 15.8.8 i guess.
    I have install zimbra with your provided script and policyd too. But, when i m trying to open http://xxx.xx.xx.xx:7780/webui/index.php it is showing error “Not Found
    The requested URL /webui/index.php was not found on this server.”

    Please suggest.

  14. Thanks Iman, in Zimbra 10 with rate limit for sending it does not count the messages I send from webmail, will check_policy_service inet:127.0.0.1:10031 have to be enabled somewhere else?

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.