110 comments

  1. Hello Brother,
    when I try to connect using just imap protocol, I receive protocol not supported. I have no problem with imaps and pops. But with just pop or imap, zimbra is not letting me fetch the email. How to resolve this. There is a need that I want to fetch email using just pop or imap ignoring the ssl/tls part.
    Please help.
    Thanks!

  2. Hi,
    thanks for your article.
    I tried to implementit on a Zimbra Network 9.0
    And works, with the exception that in a multipart mime message add only the text part and not the html.

    Any suggestion?
    Thanks

      1. Hi Iman, my email has both (as multipart/alternative) and the disclaimer is added into the text part but the email is displayed in HTML.
        As result of corse the disclaimer is not visibile.
        Attached the source of the email body.

        Thanks
        Luigi

        Content-Type: multipart/alternative; boundary=”0000000000008d83aa05b1f6d9ae”

        –0000000000008d83aa05b1f6d9ae
        Content-Type: text/plain; charset=”UTF-8″

        CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.
        Test email Disclaimer.

        Luigi

        –0000000000008d83aa05b1f6d9ae
        Content-Type: text/html; charset=”UTF-8″

        Test email Disclaimer.Luigi

        –0000000000008d83aa05b1f6d9ae–

          1. Hi Iman,
            Thanks for the clarification, do you think there is any way to solve it for the email arriving from gmail or to force HTML instead of text?

  3. Dear Imanudin Assalamu Alaikum
    Thanks for your nice help. I applied this “External Email Warning Message” also working but problem is that all incoming email shows this warning message including local domain. How can I omit to show warning message when getting email from local domain …?
    What I have done wrong ?

    Regards
    Ashraf

    1. Waalaikumussalam,
      If you already enable disclaimer previously, you can disable by this command

      zmprov mcf zimbraDomainMandatoryMailSignatureEnabled FALSE
      
      1. Dear Iman
        Thanks for quick reply. I applied that command but still same. Please check below line is it ok or not…

        use strict;

        $altermime=’/opt/zimbra/common/bin/altermime’;
        @altermime_args_disclaimer = qw(–verbose –pretext=/opt/zimbra/data/altermime/_OPTION_.txt –pretext-html=/opt/zimbra/data/altermime/_OPTION_.html –force-for-bad-html);
        $defang_maps_by_ccat{+CC_CATCHALL} = [‘disclaimer’];
        $allow_disclaimers = 1;
        @local_domains_maps = ([“.”]);
        @disclaimer_options_bysender_maps = ({
        ‘.’ => ‘external_domains’,

        },);
        1;

        1. Hi Ashraf,
          You can create empty text and html files

          touch /opt/zimbra/data/altermime/local_domains.txt
          touch /opt/zimbra/data/altermime/local_domains.html
          

          Then add local domains in disclaimer_options_bysender_maps

          @disclaimer_options_bysender_maps = ({
                  'example.com' => 'local_domains',
                  '.' => 'external_domains',
          

          Then restart Amavis

          1. Dear İman,
            Assalamu Alaikum
            ‘example.com ???.com 9999.net’ => ‘local_domains’,
            ‘xxxxx.com yyyy.com’
            What is the format for writing multiple domains?

          2. @disclaimer_options_bysender_maps = ({
            ‘example.com’ => ‘local_domains’,
            ‘example1.com’ => ‘local_domains’,
            ‘example2.com’ => ‘local_domains’,
            ‘.’ => ‘external_domains’,

            ok.

  4. Hi Iman,

    After further testing and checking looks like that the problem is that Gmail does not include the tags to the email body and so altermime does not understand where to insert the disclaimer.
    Could you think of any trick to either force altermime to insert the HTML code or to modify the email body to add the 2 missing tags?

    Thanks
    Luigi

    1. Hi Luigi,
      I’ve test in my lab. If you change –pretext and –pretext-html with –disclaimer and –disclaimer-html, altermime works properly. However, altermime will put at the bottom of the message, not at the top of the message

      1. Hi Iman,
        Thanks again, this works.
        I’m checking altermime on why is doing that. I will let you know if I can find a solution.

        Thanks again.

        1. Hi Iman,
          I found this in the changelog of alterMIME, explain the problem, but does not bring us close to the solution.
          05 May 2010:
          PLD-DEV: Changed the way the pretext system works, now it’s the
          same as the disclaimer system of specifying files
          –pretext=
          –pretext-html=
          –pretext-b64=

          If you have BOTH pretext and disclaimer files specified then
          alterMIME will now insert both in the single run.

          PLEASE NOTE – due to the streaming requirements the PRETEXT
          HTML insertion routine -depends- on there being a BODY tag
          present else the insertion will not occur.

  5. Hi Iman,
    I found that the problem is not only related to gmail (which does not insert into the email the and tags) but to any email client which will be using a body tag with additional parameters and moving the closing > into next line).
    The problem is due to the streaming approach of altermime reading the email line by line so if a tag is split in 2 lines altermime sees the beginning but will not find the ending of the tag and decide there is no tag and will not insert the disclaimer.
    Here an extract of an email created by Outlook,:
    <p =
    as you can see the tag body begin on one line but ends in the next line.

    So the solution is to either modify altermime to support tags across lines or to use some other tool to fix the HTML in the email.

    Thanks
    Luigi

          1. Hi Iman bro,

            Thanks for your immediate reply, i did not enabled disclaimer in my zimbra server.. i used your configuration only .. but non gmail domains email header looks like this it included 2 times.. i dont know where to check.

            testetst

            ———————————————————————————————————————————————————————–
            # CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe. #
            ———————————————————————————————————————————————————————–
            –=_574ea0e3-95ae-4ba5-adc6-41d08a936039
            Content-Type: text/html; charset=utf-8
            Content-Transfer-Encoding: 7bit

            testetst

            CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

            CAUTION: This email originated from outside of the organization. Do not click links or open attachments unless you recognize the sender and know the content is safe.

            –=_574ea0e3-95ae-4ba5-adc6-41d08a936039–

  6. Hi Eman,
    Good day,

    When I configure this, this is not working my zimbra version is 8.7.11_GA_3865.NETWORK.
    can you help me with this, please?

    By the way, I have a default disclaimer. when I configure this my default disclaimer also not working

    Thank you

    Thank you.

  7. Hi Iman,

    Is any option to add any tag like [External] in subject for only all external emails..

    I have tried the postfix_header_check rule but it add double exteranal tags for all external mails.. can you give some solution…

    This below rule i added

    cat /opt/zimbra/conf/custom_header_checks
    #/^Subject:(.*)/ REPLACE Subject: [EXTERNAL]

    if /^Subject:/
    # Subject checks go here
    /:(.*)/ REPLACE Subject:[EXTERNAL]$1
    /^/ OK
    endif

  8. Hi,

    Thanks for this article. Can you share how to add in the subject line as External for all incoming messages which are originated from outside domain.

      1. Hi Imam,

        could you achieve the solution for adding in subject [External] tag.

        Please provide some solution.
        Thank in advance.

        Regards.

          1. Thank you Iman for your tutorials on zimbra.

            Whenever you get time, Please try getting some solutions for adding in subject [External] tag.

            Thanks and Regards
            Om

  9. Hello Mr. Iman,

    thank you for your article,
    i try the script in zimbra version Release 8.6.0_GA_but the script is not working when i send the email from another organization, but i try in zimbra version Release 8.7.11_GA is working.

    please advice.
    thank you

    1. It works on Zimbra 8.6
      You just need to change
      /opt/zimbra/common/bin/altermime
      to
      /opt/zimbra/altermime/bin/altermime

  10. Hi,
    I am already using –disclaimer to placed at the bottom, this script breaks everything, how can be used together?

    thanks

  11. Hi Friend,
    I have tried this on ZCS 8.8.8, But Warning adds on both incoming and out going emails as well.
    Do you have any suggestions.

    use strict;

    $altermime=’/opt/zimbra/common/bin/altermime’;
    @altermime_args_disclaimer = qw(–verbose –pretext=/opt/zimbra/data/altermime/_OPTION_.txt –pretext-html=/opt/zimbra/data/altermime/_OPTION_.html –force-for-bad-html);
    $defang_maps_by_ccat{+CC_CATCHALL} = [‘disclaimer’];
    $allow_disclaimers = 1;
    @local_domains_maps = ([“.”]);
    @disclaimer_options_bysender_maps = ({
    ‘example.com’ => ‘local_domains’,
    ‘.’ => ‘external_domains’,

    },);

    1;

  12. Hi Imam,
    I have tried this on 8.8.15
    But the issue is if i send mail to external user, then he also get the same caution message.

  13. I don’t understand. I did everything according to the instructions! All incoming mail is not marked in any way, and everything that I send is marked with a warning. and if I create empty files it doesn’t work at all! Please help me!

  14. zmprov mcf zimbraDomainMandatoryMailSignatureEnabled FALSE
    send mail to my domain for other domain and dont work((((

  15. Dear Imanudin, Assalamu Alaikum
    Please help me…? I face some problem. Some user of zimbra can’t received attached file more then 1MB (even same domain also) but these user can send attach file and some have no problem. I gave you below quota information.

    Zimbra version: Release 8.8.7.GA.1964.UBUNTU16.64 UBUNTU16_64 FOSS edition.
    message_size_limit = 104857600
    zimbraMailContentMaxSize: 102400000
    zimbraMtaMaxMessageSize: 104857600
    zimbraFileUploadMaxSize: 3145728000
    user quota unlimited

    error message:
    : host 127.0.0.1[127.0.0.1] said: 552 5.3.4 Message
    size (10808532 B) exceeds size limit (in reply to end of DATA command)

    Regards
    Ashraf

  16. Hi Iman, Assalamulaikum
    I am using this external email warnings some of our mail server.
    Currently I configure it in one another server , but not working.
    CentOS release 6.10 (Final)
    Release 8.6.0_GA_1153.RHEL6_64_20141215151155 RHEL6_64 FOSS edition, Patch 8.6.0_P14.
    what i have to do now.

  17. we have implemented –pretext caution successfully but including some domains, gmail & Microsoft does not apply –pretext. what can we do?
    thank you.

    1. Hi Imal,
      Some domains like gmail does not appear on header if use pretext. However, if you see full header, you will find additional text using pretext.

      1. Hi iman,
        you are corerct, i can see this in gmail header
        X-Amavis-Modified: Mail body modified (using disclaimer) – mymail.mydomain.com
        then any idea on this?

        thank you,

  18. Hello Iman,
    I have a little question, I did all incoming mail adding incoming mail tag in the body, My problem is repyling mail to much tag. I want to if have a one tag, not add another tag, if not have a body tagging add to tag. Is this possible?

    I hope I was able to ask correctly now

  19. Hi Iman,
    I just realized that using this approach breaks DKIM signature for outgoing messages (even if no text is added to the message).

    Any Idea?
    Thanks
    Luigi

    1. Hi Luigi,
      If you put disclaimer on the footer/bottom, DKIM works properly. It seems disclaimer breaks DKIM if put on the header

  20. I follow the instructions and it was brilliant to add the disclaimer text to emails. However, this then broke my dkim configuration, so my emails to Google were all failing. It said that amavis modified the body hash.

    Do you know a way around this? To have the disclaimer and yet not modify the email so it fails dkim?

  21. iamn, in my case nothing appens. is this the correct config? change exemple.com to my domain?

    use strict;

    $altermime=’/opt/zimbra/common/bin/altermime’;
    @altermime_args_disclaimer = qw(–verbose –pretext=/opt/zimbra/data/altermime/_OPTION_.txt –pretext –
    html=/opt/zimbra/data/altermime/_OPTION_.html –force-for-bad-html); $defang_maps_by_ccat{+CC_CATCHALL} = [‘disclaimer’];
    $allow_disclaimers = 1;
    @local_domains_maps = ([“.”]);
    @disclaimer_options_bysender_maps = ({

    ‘MYDOMAIN.com’ => ‘local_domains’, ‘.’ => ‘external_domains’,

    },); 1;

  22. I followed the instructions and checked everything twice. I’m running on 8.7.11_GA_1854.FOSS
    is there any additional set up for this version?

  23. Great guide.

    We already have domain disclaimers , when we activate the external warning , now all outbound mails get two disclaimers instead of one.

    If we disable the external warning in /opt/zimbra/conf/amavisd.conf.in #include_config_files(‘/opt/zimbra/conf/disclaimer-external.conf’);

    Then only 1 disclaimer is send out, as it should be.

    Any advice?

  24. Hello, thank you very much for your manual, it helped me a lot!
    And I have a question, is there possibility to disable External Email Warning Message for one or several internal mail recipients ?

  25. Dear Iman

    I followed the steps using zcs-8.8.15_GA but can’t seem to get it working.

    Our domain uses disclaimer and zimbraDomainMandatoryMailSignatureEnabled TRUE

    If i send from external domain to my domain the warning does not show.
    Any ideas?

    Thank you

  26. Hi Iman,

    I am using this on zimbra 8.8.15 and it’s working good on the footer as per your instructions. but for few emails it is not inserting the disclaimer and in logs I see the below errors for such emails. Can you help:

    amavis[28950]: (28950-04) program /opt/zimbra/common/bin/altermime said: Attempting to add disclaimer\nWARNING: Could not insert HTML disclaimer into email\nDone.\n

    Also in few emails we see the disclaimer are inserted multiple times.

  27. Tried this, but it breaks DKIM signing of outgoing emails. upon disabling DKIM Signing:

    ## %%uncomment SERVICE:opendkim%% forward_method => ‘smtp:[%%zimbraLocalBindAddress%%]:10030’,

    completely disables DKIM signing.

    Release 8.8.15_GA_3953.RHEL8_64_20200629025823 RHEL8_64 FOSS edition, Patch 8.8.15_P24.

  28. Some internal emails from internal systems are being included this note. Do you know the reason? Where does it check and is the email internal or external?

    1. Hi Yumi,
      By default, this guidance will add an external warning for both (internal and external). However, you can ignore it by creating an empty txt/html file. The guide is at the bottom of the article

  29. Thank you for your help.
    I have another doubt. I followed your instructions to change “pretext” to “disclaimer” it worked for gmail, the notification is appearing in the footer, but for the other emails it is appearing with the duplicate notification. Do you know why and how to fix it?

    1. Hi Yumi,
      Please make sure you do not enable a disclaimer for your domain. If you do, you should choose one. External warning or disclaimer

  30. zmprov mcf zimbraDomainMandatoryMailSignatureEnabled FALSE

    It is disabled… I restarted the service and it is still duplicating.

    Exemple hotmail

    Content-Type: text/plain; charset=”iso-8859-1″
    Content-Transfer-Encoding: quoted-printable

    Teste

    CUIDADO: Este e-mail foi originado de fora da organiza=C3=A7=C3=A3o. N=C3=A3o clique em links ou abra anexos, a menos que reconhe=C3=A7a o remetente e saiba que o conte=C3=BAdo =C3=A9 seguro.=0A

    –_000_
    Content-Type: text/html; charset=”iso-8859-1″
    Content-Transfer-Encoding: quoted-printable

    Teste

    =
    CUIDADO: este e-mail foi originado de fora da organização. Não clique em links ou abra anexos, a menos que reconheça o remetente e saiba que o conteúdo é seguro.=0A
    =

    =
    CUIDADO: este e-mail foi originado de fora da organização. Não clique em links ou abra anexos, a menos que reconheça o remetente e saiba que o conteúdo é seguro.=0A
    =
    –_000_

  31. Hi,

    Related to DKIM signing we fixed to issue by setting allow_disclaimers => 0 to $policy_bank{‘MYNETS’} on line 86 in file /opt/zimbra/conf/amavisd.conf.in

    Related to duplicating disclaimer you can try to remove –force-for-bad-html

      1. Hi Iman,

        Regarding the dkim signing, which is better do you think? Your solutionn in the 30 Jun 2021 Update or Sebastian’s solution in his October 31, 2021 Post?

        Thanks,
        Bob

    1. DKIM signing was fixed as per your instructions by setting allow_disclaimers => 0 to $policy_bank{‘MYNETS’} on line 86 in file /opt/zimbra/conf/amavisd.conf.in

      whereas when we remove –force-for-bad-html, it stops sending disclaimer.

      Also disclaimer is getting skipped in few of the external emails and in few of the emails its getting inserted twice… Not sure the reason though…

      1. I have the same problem with this discalimer: skipped in few of the external emails and in few of the emails its getting inserted twice.

        Is there a solution? Thanks.

    2. Hi Sebastian,

      Could you please paste the lines that you changed showing what they look like now? I’m faily new to Zimbra and I’m still trying to get my head around a lot of this stuff.

      Thanks,
      Bob

    3. Hi guys!
      When –force-for-bad-html is enabled, it’s sends two disclaimers when email comes from outlook, yahoo and local_domains. But, when comes from Gmail, there is one disclaimer.
      So, I remove –force-for-bad-html, stops sending two disclaimers. But when email comes from Gmail, there isn’t disclaimer. 🙁

  32. Hi Iman,

    I have followed all step as per above guide, However disclaimer doesn’t work for me.
    I am using external disclaimer with my domain which i disabled as suggested in one of your comment. I have tried in both like with –pretext and –disclaimer but no luck.
    How do i troubleshoot where is the issue? is there any log where i can see what exactly is the issue?
    Below are my zimbra details
    OS-Ubuntu
    Zimbra version – 8.8.15
    domain disclaimer – Which disabled using – zmprov mcf zimbraDomainMandatoryMailSignatureEnabled FALSE

  33. Hi Iman,

    How to send the signature created in Zimbra when sending mail from Outlook or Thunderbird?
    For example : Signed mail is not sent when sending mail when configured with Activesync, IMAP or POP via Outlook. But when sending mail via Zimbra Web, it is signed.
    Waiting for your solutions. Thanks.

  34. Hello
    I have zimbra Release 9.0.0.GA.4178.UBUNTU20.64 UBUNTU20_64 NETWORK edition, Patch 9.0.0_P25.
    I followed You instrtuctions but on my zimbra external email warning message does not work
    any sugestion what to check

  35. Hi iman,

    Is it possible to add multiple domains dynamically in the script ? i don’t want to edit same file after creating new domain. i should be dynamic . i am having 500+ domains in my environment

    1. Hello Tom,
      1. You can use global warning for all domains. The dot (.) it means for any domains
      2. Because this from disclaimer/altermime application, you can follow the sample configuration from Altermime for dynamic

  36. Hi Iman;
    I got an extra empty line at the begining of each incoming email after adding the disclaimer with the (–pretext), the question is how can I remove it?

    Thanx

  37. Prezados, bom dia.

    Fiz todos os passos, porém parece que barra em alguma coisa ou ele nao consegue ler, porque nao chega o email externo com a mensagem, fiz todos esses passos, e nao deu nenhum erro, so que nao executa.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.