Let’s Work Together

Partner with you to deliver responsive and cost-effective IT & Support solutions
Partner with you
Attitude to Serve
These are the reasons why AionSolution is your vendor when you are seeking someone to support your IT in your office.
+852 2636 6177

How to restrict outgoing email as well as external web access for certain users?

Restricting users to send mails to certain domains

1. Enter following in the file “/opt/zimbra/conf/postfix_recipient_restrictions.cf”. Make sure it is entered at the top of the file.

ZCS 8.x: Enter in file /opt/zimbra/conf/zmconfigd/smtpd_recipient_restrictions.cf

vi /opt/zimbra/conf/postfix_recipient_restrictions.cf
check_sender_access hash:/opt/zimbra/postfix/conf/restricted_senders 

Note: This line should be added after the reject_non_fqdn_recipient line
Note: ZCS 8.5 and later use lmdb databases, not hash databases

2. Enter following in “/opt/zimbra/conf/zmmta.cf”

ZCS 8.x: Enter in file /opt/zimbra/conf/zmconfigd.cf

vi /opt/zimbra/conf/zmmta.cf
Find the section labeled SECTION mta and enter the following two lines directly below
POSTCONF    smtpd_restriction_classes      local_only
POSTCONF    local_only        FILE  postfix_check_recipient_access.cf

3. Create a file “/opt/zimbra/conf/postfix_check_recipient_access.cf”

vi /opt/zimbra/conf/postfix_check_recipient_access.cf
check_recipient_access hash:/opt/zimbra/postfix/conf/local_domains, reject

4. Create a file “/opt/zimbra/postfix/conf/restricted_senders” and list all the users, whom you want to restrict. Follow this syntax:

vi /opt/zimbra/postfix/conf/restricted_senders
user@yourdomain.com            local_only

5. Create a file “/opt/zimbra/postfix/conf/local_domains” and list all the domains where “restricted users” allowed to sent mails. Please follow this syntax:

vi /opt/zimbra/postfix/conf/local_domains
yourdomain.com              OK 
otheralloweddomain.com      OK

6. Run following commands:

postmap /opt/zimbra/postfix/conf/restricted_senders
postmap /opt/zimbra/postfix/conf/local_domains 
zmmtactl stop 
zmmtactl start

After these settings, all the users listed in “/opt/zimbra/postfix/conf/restricted_senders” are restricted to send mails only to domain which are defined in “/opt/zimbra/postfix/conf/local_domains”, other are fully allowed to send mails anywhere. These settings will not survive Zimbra upgrades, please make sure that you backup of all these settings while performing upgrades.