Posted by Still talking about CBPolicyd. I have been wrote some article about CBPolicyd and how to using it. For easy configure and install CBPolicyd on Zimbra 8.5, i have been wrote simple script for automatically install and configure it. This simple script will automatically :
- Install and enable PolicyD on Zimbra 8.5
- How To Configure Rate Limit Sending Message on PolicyD
- Improving Anti Spam : Reject Unlisted Domain on Zimbra 8.5
- How To Protect Policyd WebUI
The script can download at this link automatic-policyd-zcs8.5.sh or you can also use wget for downloading
cd /srv/ wget -c https://imanudin.net/wp-content/uploads/2014/09/automatic-policyd-zcs8.5.sh chmod +x automatic-policyd-zcs8.5.sh sh automatic-policyd-zcs8.5.sh
You just should press key enter to automatic configure CBPolicyd 😀 .
Good luck and hopefully useful 😀
Wow 🙂 that’s usefull :))) Thank you!!!
You are welcome Sebastian 😀 . Nice to meet you. Your name have been familiar on Community Zimbra 😀
Permisi mas, semenjak saya install policy D kok kadang ada wait time out 60 ya waktu kirim email ?
Thanks
Halo mas,
Itu dikarenakan ada pengecekan disisi PolicyD-nya mas sehingga menjadi agak lama prosesnya
You are AWESOME Man !
Hi iman !
Do you know if there is a way to run a script (or other way) to lock an account once it reaches a quota ?
Hi Gregory,
For this time, i don’t have what do you want. But i will try your question. Thanks
Thank you!
It would be great if it could be done!
I am using Zimbra Comunnity edition with 10 domain. In that case when you script ask for the domain which one i have to use.
Hi Vikram,
You can input 1 of 10 your domain. After that, you can add all your domain manually via PolicyD WebUI as described at this link : https://imanudin.net/2014/09/11/improving-anti-spam-reject-unlisted-domain-on-zimbra-8-5/.
If you not input all your domain to group list_domain, 9 of 10 domains cannot sending email to outside caused improvement Reject Unlisted Domain
Do i have to restart the service when i enable a domain ?
Hi Vikram,
You can test after add your domain. If it works, the service CBPolicyD unnecessary to restart. If not work, you can restart CBPolicyD services with command su – zimbra -c “zmcbpolicydctl restart”
Thanks man it worked like charm 🙂
Implemented chekSPF but not able to reject the emails
Hi Vikram,
For check SPF could be handled by Zimbra. i have not try if using PolicyD
Hi!
This post is “de puta madre”.
I ‘m disabling adblock in this domain. Thanks!!
Hi Diego,
Thanks for Visit 😀
Gracias amigo que post tan interesante y util, te seguire leyendo
Hi,
my zimbra outgoing mail spam. what i do. please help me.
Linode Server, Zimbra 8.6, CentOS lates
Thansk.
Hi Madura,
You can check who users often spamming on mailq. Change password for that users and flush email spam on queue
thanks for the response.
i have some problems.
1. how to remove https in zimbra 8.6.
my mail address madura31@gmail.com
please help me
thanks.
Hi Iman,
Many thanks for your article and the support.
I have downloaded your script “automatic-policyd-zcs8.5.sh” and installed in our zimbra 8.6 to enable SPF for incoming emails. The cbpolicyd.log shows that SPF check is enabled, but when I check the logs or show original content of emails I can see SPF headers. I’m not sure what I’m missing.
Please do let me know , is there anything else I need to do a part from running your script enable SPF check.
Awaiting for your reply.
Thank you.
Ramesh
Hi Ramesh,
Please try this command to enable it.
Hi Iman,
I have installed script in Zimbra 8.0.2, but Access Control “Reject Unlisted Domain” not working.
I have domain1.com in policy group “list_domain”, domain2.com isn’t in “list_domain”. But, email@domain2.com still sent out.
Thanks.
Hi,
The script is not compatible with Zimbra 8.0.x. Please try to use this script : https://imanudin.com/wp-content/uploads/2014/08/automatic-policyd.sh
hi iman,
need your help, i follow your guide setup on policyd but i can’t add any policies, when I submit the added policies no error occured but the policies was not added to database.
i try to used your automatic-policyd.sh but i have error, all tables are missing on db.
How can i insert all the tables?
Appreciate your help..
Thanks!
i have ZCS 8.6
===> [*] INFO : Configuring Rate Limit Sending Message and Reject Unlisted Domain
Manual Process
————————————————————————-
touch /tmp/policyd.sql
echo ‘delete from policy_groups where id=100;’ > /tmp/policyd.sql
echo ‘delete from policy_group_members where id=100;’ >> /tmp/policyd.sql
echo ‘delete from policies where id=100;’ >> /tmp/policyd.sql
echo ‘delete from policy_members where id=100;’ >> /tmp/policyd.sql
echo ‘delete from access_control where id=100;’ >> /tmp/policyd.sql
echo ‘delete from policies where id=101;’ >> /tmp/policyd.sql
echo ‘delete from policy_members where id=101;’ >> /tmp/policyd.sql
echo ‘delete from policy_members where id=102;’ >> /tmp/policyd.sql
echo ‘delete from quotas where id=101;’ >> /tmp/policyd.sql
echo ‘delete from quotas_limits where id=101;’ >> /tmp/policyd.sql
echo ‘insert into policy_groups values(100,’list_domain’,0,0);’ >> /tmp/policyd.sql
echo ‘insert into policy_group_members values(100,100,’@zimbratest.com’,0,0);’ >> /tmp/policyd.sql
echo ‘insert into policies values(100,’Reject Unlisted Domain’,20,’Reject Unlisted Domain’,0);’ >> /tmp/policyd.sql
echo ‘insert into policy_members values(100,100,’!%list_domain’,’!%list_domain’,0,0);’ >> /tmp/policyd.sql
echo ‘insert into access_control values(100,100,’Reject Unlisted Domain’,’REJECT’,’Sorry, you are not authorized to sending email’,’Reject Unlisted Domain’,0);’ >> /tmp/policyd.sql
echo ‘insert into policies values(101,’Rate Limit Sending Message’,21,’Rate Limit Sending Message’,0);’ >> /tmp/policyd.sql
echo ‘insert into policy_members values(101,101,’%list_domain’,’!%list_domain’,0,0);’ >> /tmp/policyd.sql
echo ‘insert into policy_members values(102,101,’!%list_domain’,’any’,0,0);’ >> /tmp/policyd.sql
echo ‘insert into quotas values(101,101,’Rate Limit Sending Message’,’Sender:user@domain’,3600,’DEFER’,’Max sending email have been full at last 3600s’,0,’Rate Limit Sending Message’,0);’ >> /tmp/policyd.sql
echo ‘insert into quotas_limits values(101,101,’MessageCount’,300,’Rate Limit’,0);’ >> /tmp/policyd.sql
su – zimbra -c “sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb < /tmp/policyd.sql"
su – zimbra -c "zmcbpolicydctl restart"
————————————————————————-
Press key Enter for configure
Error: near line 1: no such table: policy_groups
Error: near line 2: no such table: policy_group_members
Error: near line 3: no such table: policies
Error: near line 4: no such table: policy_members
Error: near line 5: no such table: access_control
Error: near line 6: no such table: policies
Error: near line 7: no such table: policy_members
Error: near line 8: no such table: policy_members
Error: near line 9: no such table: quotas
Error: near line 10: no such table: quotas_limits
Error: near line 11: no such table: policy_groups
Error: near line 12: no such table: policy_group_members
Error: near line 13: no such table: policies
Error: near line 14: no such table: policy_members
Error: near line 15: no such table: access_control
Error: near line 16: no such table: policies
Error: near line 17: no such table: policy_members
Error: near line 18: no such table: policy_members
Error: near line 19: no such table: quotas
Error: near line 20: no such table: quotas_limits
Stopping policyd… done.
Starting policyd…done.
Hi Ferjun,
Please try this command
Source : https://forums.zextras.com/zimbra-howto/403-howto-enabling-cbpolicyd-zimbra-8-0-0-8-0-1-a.html
thnks iman..
Hi iman,
I use zimbra 8.0.7.
When i use ur script for version 8.0.x its not generate any value even table in /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb.
When i try use
https://forums.zextras.com/zimbra-howto/403-howto-enabling-cbpolicyd-zimbra-8-0-0-8-0-1-a.html
table is success created, but some table not create like policies.
this is the error message
Error: near line 1: unrecognized token: “#”
Error: near line 43: no such table: policies
Error: near line 44: no such table: policies
Error: near line 45: no such table: policies
Error: near line 46: no such table: policies
Error: near line 47: no such table: policies
Error: near line 51: table policy_members already exists
Error: near line 96: table policy_groups already exists
Error: near line 110: column Name is not unique
Error: near line 111: column Name is not unique
Error: near line 116: table policy_group_members already exists
Error: near line 139: table session_tracking already exists
Error: near line 169: index session_tracking_idx1 already exists
Error: near line 170: index session_tracking_idx2 already exists
Error: near line 174: unrecognized token: “#”
Error: near line 215: unrecognized token: “#”
Error: near line 265: no such table: quotas
Error: near line 266: no such table: quotas
Error: near line 270: table quotas_limits already exists
Error: near line 290: table quotas_tracking already exists
Error: near line 303: index quotas_tracking_idx1 already exists
Error: near line 305: unrecognized token: “#”
Error: near line 449: no such table: amavis_rules
Error: near line 464: unrecognized token: “#”
Error: near line 521: table checkhelo_blacklist already exists
Error: near line 533: column Helo is not unique
Error: near line 536: column Helo is not unique
Error: near line 539: column Helo is not unique
Error: near line 542: column Helo is not unique
Error: near line 548: table checkhelo_whitelist already exists
Error: near line 563: table checkhelo_tracking already exists
Error: near line 570: index checkhelo_tracking_idx1 already exists
Error: near line 572: unrecognized token: “#”
Error: near line 619: unrecognized token: “#”
Error: near line 689: table greylisting_whitelist already exists
Error: near line 704: table greylisting_autowhitelist already exists
Error: near line 720: table greylisting_autoblacklist already exists
Error: near line 735: table greylisting_tracking already exists
Error: near line 749: index greylisting_tracking_idx1 already exists
Error: near line 751: unrecognized token: “#”
Error: near line 810: table accounting_tracking already exists
Error: near line 825: index accounting_tracking_idx1 already exists
when i create some value in policy menu via web ui the value not save..
whats step i missing in?
Or maybe, you share your cbpolicyd.sqlitedb please ?
Appreciate your help mas iman…
Thanks!
Hello,
Please try the guidance from this link : https://imanudin.com/2014/08/17/script-otomatisasi-konfigurasi-policyd/
Hi Iman,
is there any option to restrict web-mail access for specific Email Ids in Zimbra 8.7 Open source.
I’m checking with cos but no luck.
and how to zimbra admin console delegation for jr admins.
i need script for both.
Please help me on this
Hello Suresh,
1. It’s possible if you have 2 servers 😉
2. You can try on this guidance : https://wiki.zimbra.com/wiki/UmaT-Implementing-Delegated-Administration
How to add bulk users in single DL,
Hello Suresh,
You can directly add member from Zimbra Admin. Or you can use dynamic DL : https://wiki.zimbra.com/wiki/Dynamic_Distribution_lists_in_Zimbra_Collaboration_Server_8.0.x
Thanks
Hi Iman,
how to migrate zimbra from one server to another with new domain name:
for example:My old email in old server is “suresh@abc.com”
i have installed new server with new domain name i need to move the my suresh@abc.com to new server with suresh@xyz.com with entire old mail box also.
Please help i have almost 600+ users in old domain.
i need to move the all the users to new server with new domain name.
i’m using pst import tool but it’s taking long time to import.
any third party tools available for importing one domain to another doamin.
Hello Suresh,
1. Use new domain on the new Zimbra server
2. On the new Zimbra server, create old domain as alias new domain
3. Move and migrate all data using this awesome tools : https://www.zextras.com/suite/migration-tool/
I’m using ZimbraMigration_8.6.0.1307_x86 tool for importing pst to new server but it is taking 1gb PST 5 mins for user. i need to do 600+ some users are having 5 gb data, most of the users using webmail only. i tried account migration from zimbra that is notworking.
Thanks Iman,
I have successfully imported my old emails data to new emails through below edit
# Configuration file for zmztozmig with all necessary settings
#
#Source ZCS server IP/name,admin user name and password, server port
SourceZCSServer=10.0.0.50
SourceAdminUser=admin@abc.com
SourceAdminPwd=Password
SourceAdminPort=7071
#
#Destination/Target ZCS server IP/name,admin user name and password, server port
TargetZCSServer=10.0.0.100
TargetAdminUser=admin@xyz.com
TargetAdminPwd=Password
TargetAdminPort=7071
Hi Suresh,
Glad to hear that. Keep spirit 🙂
dear iman ,
most of my mails are in deferred and while checking the error msg its saying like refused to talk to me 554.5.7.1 your not allow
please help me on this
amithraj
Hi Amithrajc,
Maybe your public IP is not clean and blacklisted on any RBL. Please delist and make sure your server is not perform spamming
dear iman,
unwanted mail flows through my mail sever with my domain they all spam how can i stop it please help me
thanks
amithrajc
more over they are not my users they are not even in the user list
Hi Amit,
Please try this improvement : https://imanudin.net/2014/09/11/improving-anti-spam-reject-unlisted-domain-on-zimbra-8-5/
Apakah work di Zimbra 8.7.1 ? terimakasih 😀
Hi mas,
Work juga mas. Hanya saja butuh penyesuaian ketika akses WebUI nya
I accidentally upgraded my Zimbra to 8.6 but cbpolicyd is running .. am unable to view cbpolicyd web administrator page.
this is the error message am getting
Error connecting to Policyd v2 DB: could not find driver
Hi Iman,
I’m very new in configuration and linux too.
Using Ubuntu 18.04 server with Zimbra 15.8.8 i guess.
I have install zimbra with your provided script and policyd too. But, when i m trying to open http://xxx.xx.xx.xx:7780/webui/index.php it is showing error “Not Found
The requested URL /webui/index.php was not found on this server.”
Please suggest.
Hi Sunil,
Script auto installs only work for Zimbra 8.5/8.6. Please use the manual guide for the new version: https://imanudin.net/2014/09/08/how-to-install-policyd-on-zimbra-8-5/. Then see the activate WebUI For Zimbra 8.7.x/8.8.x
Thanks Iman, in Zimbra 10 with rate limit for sending it does not count the messages I send from webmail, will check_policy_service inet:127.0.0.1:10031 have to be enabled somewhere else?
Hi Mariano,
Could you share please the result from below command
I want to set user specific email sending limit in extras zimbra 9.
It should like as follows.
user1@xyz.com can send 100 emails per day.
user2@xyz.com can send 500 emails per day.
user3@xyz.com can send 1000 emails per day.
How to setup this.
Hi,
You can try this guidance: https://imanudin.net/2014/09/09/zimbra-tips-how-to-configure-rate-limit-sending-message-on-policyd/