• Masim “Vavai” Sugianto

    Founder PT. Excellent Infotama Kreasindo– perusahaan email services provider (ESP) dan menjadi konsultan pada berbagai instansi pemerintah, korporasi besar, lembaga perbankan dan institusi pendidikan di Indonesia.

    Lebih detail tentang Vavai.




  • Publishing

  • Recent Posts

    • TOEFL ITP Score (Kedua)
    • Bisnis Kelapa Muda
    • Model Usaha
    • Back-End Developer, Front-End Developer & Staff IT Support
    • Markas Excellent Danita
  • Recent Comments

    • medicine-online.estranky.skclankyunderstand-covid-19-and-know-the-tricks-to-avoid-it-from-spreading-----medical-services.html on Instalasi Squid Proxy Server pada OpenSUSE
    • asebg.bigcartel.comcanadian-pharmacy on Instalasi Squid Proxy Server pada OpenSUSE
    • dkyubn.bizwebs.com on Instalasi Squid Proxy Server pada OpenSUSE
    • http://aonubs.website2.me/ on Instalasi Squid Proxy Server pada OpenSUSE
    • canadian pharmacy online on Instalasi Squid Proxy Server pada OpenSUSE
  • Archives

    • April 2022
    • January 2022
    • July 2021
    • June 2021
    • February 2021
    • January 2021
    • December 2020
    • August 2020
    • July 2020
    • April 2020
    • March 2020
    • August 2019
    • July 2019
    • June 2019
    • March 2019
    • February 2019
    • January 2019
    • November 2018
    • October 2018
    • August 2018
    • May 2018
    • April 2018
    • January 2018
    • December 2017
    • July 2017
    • December 2016
    • November 2016
    • April 2016
    • March 2016
    • November 2015
    • July 2015
    • April 2015
    • November 2014
    • October 2014
    • February 2014
    • January 2014
    • December 2013
    • November 2013
    • October 2013
    • September 2013
    • August 2013
    • June 2013
    • May 2013
    • March 2013
    • February 2013
    • January 2013
    • December 2012
    • November 2012
    • October 2012
    • September 2012
    • August 2012
    • July 2012
    • June 2012
    • May 2012
    • April 2012
    • March 2012
    • February 2012
    • January 2012
    • December 2011
    • November 2011
    • October 2011
    • September 2011
    • August 2011
    • July 2011
    • June 2011
    • May 2011
    • April 2011
    • March 2011
    • February 2011
    • January 2011
    • December 2010
    • November 2010
    • October 2010
    • September 2010
    • August 2010
    • July 2010
    • June 2010
    • May 2010
    • April 2010
    • March 2010
    • February 2010
    • January 2010
    • October 2008
    • September 2008
    • August 2008
    • July 2008
    • June 2008
    • May 2008
    • April 2008
    • March 2008
    • February 2008
    • January 2008
    • December 2007
    • November 2007
    • October 2007
    • September 2007
    • August 2007
    • July 2007
    • June 2007
    • May 2007
    • April 2007
    • March 2007
  • Home
  • Bisnis & Marketing
  • Computer & IT Related
  • Lifestyle
  • Publishing
  • Free Stuff
  • About
  • Kontak

Membatasi User Kirim Ke Distribution List/Restrict Postfix Recipients

April 5, 2012

Pada Zimbra Mail Server, terdapat fasilitas Distribution List yang memudahkan pengiriman ke beberapa user dirangkum menjadi satu alamat email. Akan tetapi, distribution list ini masih bisa di kirim oleh semua user, baik internal email maupun external email. Agar tidak terjadi blast email, pengiriman terhadap distribution list bisa kita batasi. Berikut langkah-langkahnya :

1. Buat daftar domain/user yang boleh mengirim ke distribution list

su - zimbra
vi /opt/zimbra/postfix/conf/permitted_senders

su - zimbra vi /opt/zimbra/postfix/conf/permitted_senders

vavai.com                       OK
ahmad.iman@excellent.co.id      OK
vavai@excellent.co.id           OK

vavai.com                       OK ahmad.iman@excellent.co.id      OK vavai@excellent.co.id           OK

2. Buat daftar distribution list yang hendak di proteksi

vi /opt/zimbra/postfix/conf/protected_recipients

vi /opt/zimbra/postfix/conf/protected_recipients

support@excellent.co.id         permitted_senders_list
everyone@excelllent.co.id       permitted_senders_list

support@excellent.co.id         permitted_senders_list everyone@excelllent.co.id      permitted_senders_list

3. Buat sebuah script untuk membuat postfix database

vi /opt/zimbra/postfix/conf/update_protected_recipients

vi /opt/zimbra/postfix/conf/update_protected_recipients

isinya seperti berikut :

#!/bin/bash
echo "rebuild permitted_senders..."
postmap /opt/zimbra/postfix/conf/permitted_senders
echo "rebuild protected_recipients..."
postmap /opt/zimbra/postfix/conf/protected_recipients

#!/bin/bash echo "rebuild permitted_senders..." postmap /opt/zimbra/postfix/conf/permitted_senders echo "rebuild protected_recipients..." postmap /opt/zimbra/postfix/conf/protected_recipients

4. Berikan hak akses agar bisa dieksekusi

chmod 755 /opt/zimbra/postfix/conf/update_protected_recipients

chmod 755 /opt/zimbra/postfix/conf/update_protected_recipients

5. Jalankan script yang telah dibuat

/opt/zimbra/postfix/conf/update_protected_recipients

/opt/zimbra/postfix/conf/update_protected_recipients

6. Tambahkan sedikit konfigurasi pada main.cf

vi /opt/zimbra/postfix/conf/main.cf

vi /opt/zimbra/postfix/conf/main.cf

masukkan pada baris paling bawah

permitted_senders_list = check_sender_access hash:/opt/zimbra/postfix/conf/permitted_senders, reject
smtpd_restriction_classes = permitted_senders_list

permitted_senders_list = check_sender_access hash:/opt/zimbra/postfix/conf/permitted_senders, reject smtpd_restriction_classes = permitted_senders_list

Cari tulisan smtpd_recipient_restrictions, kemudian tambahkan baris berikut sebelum tulisan permit

check_recipient_access hash:/opt/zimbra/postfix/conf/protected_recipients

check_recipient_access hash:/opt/zimbra/postfix/conf/protected_recipients

Contoh konfigurasi saya :

smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10031, reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_sender, reject_rbl_client b.barracudacentral.org reject_rbl_client zen.spamhaus.org, check_recipient_access hash:/opt/zimbra/postfix/conf/protected_recipients, permit

7. Tambahkan juga konfigurasi tersebut pada file postfix_recipient_restrictions.cf

vi /opt/zimbra/conf/postfix_recipient_restrictions.cf

vi /opt/zimbra/conf/postfix_recipient_restrictions.cf

paste perintah berikut dan jadikan baris pertama

check_recipient_access hash:/opt/zimbra/postfix/conf/protected_recipients

check_recipient_access hash:/opt/zimbra/postfix/conf/protected_recipients

8. Restart service postfix

postfix reload

postfix reload


CATATAN: Jika ingin menambahkan beberapa user yang diizinkan kirim atau menambahkan daftar distribution list, jangan lupa lakukan kembali perintah no 5 dan 8

Silakan dicoba dan semoga bermanfaat 😀

sumber : Zimbra Restricted Recipients

mail serverplanet-terasi-aggregatorTricks & TutorialTutorialZimbra
Share

Linux  / Tips, Tricks & Tutorial

Ahmad Imanudin
Ahmad Imanudin, Guest Blogger di http://www.vavai.com.Tinggal di Bekasi. Bekerja sebagai salah satu support di PT. Excellent Infotama Kreasindo.

You might also like

Webinar Zimbra : Mindset untuk Team IT
July 29, 2020
Eskalasi Masalah Email : mailbox unavailable invalid DNS MX or A/AAAA resource record
July 14, 2020
Two Factor Authentication (2FA/TFA) untuk Meningkatkan Keamanan Akses Email
April 24, 2020

14 Comments


aghe milano
April 6, 2012 at 10:35 am

Terima kasih pak sangat bermanfaat sekali khususnya untuk saya



ihsan
August 22, 2012 at 4:25 pm

Pak Vavai,

sy coba configurasi berikut, tetapi tidak berhasil
log 451 4.3.5 server configuration error

sy menggunakan zimbra 5 (ubuntu 8.04)

mohon petunjuknya



Tips Zimbra : Membatasi Pengiriman ke User Tertentu/Distribution List Dengan PolicyD | PT. Excellent Infotama Kreasindo
January 28, 2013 at 10:08 am

[…] pembatasan pengiriman email terhadap distribution list sudah dibahas pada artikel sebelumnya yaitu Membatasi User Kirim Ke Distribution List/Restrict Postfix Recipients dengan melakukan sedikit tunning pada postfix. Dengan menggunakan Policyd, pengaturan tersebut […]



stenley
February 6, 2013 at 6:07 pm

Trimakasi Mas Vavai buat tutorialnya.
oh ya Mas, step2 yang di atas sudah saya ikuti dan tidak ada error setelah postfix reload.
ketika diuji, yang terjadi adalah email dari dalam tidak bisi kirim ke email luar seperti yahoo dan gmail. kira2 apa ya mas penyebabnya?



Ahmad Imanudin
February 6, 2013 at 6:37 pm

@Stenly : Hi mas, coba check lagi konfigurasinya, biasanya salah konfigurasi di point no 6



stenley
February 7, 2013 at 11:58 am

@Ahmad, sudah saya cek Mas, mestinya si uda ga ada salah penulisan.
oh ya Mas, yang di step 6 kalo scriptnya seperti yang diatas

smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10031, reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_sender, reject_rbl_client b.barracudacentral.org reject_rbl_client zen.spamhaus.org, check_recipient_access hash:/opt/zimbra/postfix/conf/protected_recipients, permit

setelah saya postfix reload, “script check_recipient_access hash:/opt/zimbra/postfix/conf/protected_recipients, permit” pindah posisinya jadi seperti di bawah ini:

smtpd_recipient_restrictions = check_recipient_access hash:/opt/zimbra/postfix/conf/protected_recipients, check_policy_service inet:127.0.0.1:10031, reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_sender, reject_rbl_client b.barracudacentral.org reject_rbl_client zen.spamhaus.org, permit

apakah ini normal Mas?



Ahmad Imanudin
February 7, 2013 at 1:24 pm

@Stenley : Hi mas, itu tidak masalah selama proses berjalan dengan lancar



yenstle
February 12, 2013 at 7:54 pm

Mas Ahmad, kalo saya sudah mengikuti semua step-step yang dikasi dan saya mau kembali (restore) ke kondisi sebelum saya melakukan konfigurasi di atas gimana caranya ya? terimakasih



Ahmad Imanudin
February 13, 2013 at 9:08 am

@Yenstle : Hi mas, tinggal buang saja semua konfigurasi yang telah dilakukan. Misalnya pada step 1, step 2 dan seterusnya



distribution list | Rasito
May 30, 2013 at 4:12 pm

[…] view sourceprint? 1.smtpd_recipient_restrictions = check_policy_service inet:127.0.0.1:10031, reject_non_fqdn_recipient, permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, reject_non_fqdn_sender, reject_rbl_client b.barracudacentral.org reject_rbl_client zen.spamhaus.org, check_recipient_access hash:/opt/zimbra/postfix/conf/protected_recipients, permit […]



irawan
January 29, 2014 at 10:26 am

Terimakasih banyak pak Vavai,
Sangat jelas dan bermanfaat sekali tutorialnya,
Salam Kenal Ya,



irawan
January 29, 2014 at 10:27 am

Ijin Copy ya Pak …



dodi
June 27, 2014 at 1:56 pm

koq jadi begini ya pak?
rebuild permitted_senders…
postmap: fatal: /opt/zimbra/postfix-2.6.14.2z/conf/main.cf, line 32: missing ‘=’ after attribute name: “permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, ”

rebuild protected_recipients…
postmap: fatal: /opt/zimbra/postfix-2.6.14.2z/conf/main.cf, line 32: missing ‘=’ after attribute name: “permit_sasl_authenticated, permit_mynetworks, reject_unauth_destination, reject_unlisted_recipient, reject_invalid_hostname, “



ichsan
January 9, 2016 at 8:28 pm

Gak jalan ya untuk distribution restrictied postfix di zimbra 8.6?
apakah ada update lagi untuk pembatasan distribution list?
di coba di zimbra 8.6 tidak menggunakan hash tapi lmdb tapi tetap saja tidak bisa



Leave a Reply

Your email address will not be published. Required fields are marked *

CAPTCHA
Refresh

*

  • Artikel



  • Blogroll

    • DNS Propagation Checker
    • Instagram Photo/Video Downloader
    • PT. Excellent Infotama Kreasindo
  • Publishing

  • Recent Posts

    • TOEFL ITP Score (Kedua)
    • Bisnis Kelapa Muda
    • Model Usaha
    • Back-End Developer, Front-End Developer & Staff IT Support
    • Markas Excellent Danita
    • Pekerjaan Excellent
    • iMac 2021
    • Problem Solving
    • Kolam Mina Padi/Mina Genjer
    • Team Excellent


  • Links Ads

  • Recent Post

    • TOEFL ITP Score (Kedua)
    • Bisnis Kelapa Muda
    • Model Usaha
    • Back-End Developer, Front-End Developer & Staff IT Support
    • Markas Excellent Danita
    • Pekerjaan Excellent
    • iMac 2021
    • Problem Solving
    • Kolam Mina Padi/Mina Genjer
    • Team Excellent
    • Telur Bebek Mentah
    • Kursi Kayu dan Gerobak Angkringan
    • Kebun Pisang Barangan dan Ambon Kuning
    • Ternak Bebek
    • Data Statistik Covid dan Edukasi Media
  • Recent Comments

    • medicine-online.estranky.skclankyunderstand-covid-19-and-know-the-tricks-to-avoid-it-from-spreading-----medical-services.html on Instalasi Squid Proxy Server pada OpenSUSE
    • asebg.bigcartel.comcanadian-pharmacy on Instalasi Squid Proxy Server pada OpenSUSE
    • dkyubn.bizwebs.com on Instalasi Squid Proxy Server pada OpenSUSE
    • http://aonubs.website2.me/ on Instalasi Squid Proxy Server pada OpenSUSE
    • canadian pharmacy online on Instalasi Squid Proxy Server pada OpenSUSE
    • site592154748.fo.team on Instalasi Squid Proxy Server pada OpenSUSE
    • kqwsh.wordpress.com20220516what-everybody-else-does-when-it-comes-to-online-pharmacies on Instalasi Squid Proxy Server pada OpenSUSE
    • canadian rx on Instalasi Squid Proxy Server pada OpenSUSE
    • kwersd.mystrikingly.com on Instalasi Squid Proxy Server pada OpenSUSE
    • canadian prescriptions online on Instalasi Squid Proxy Server pada OpenSUSE