IRedMail/FAQ/LDAP/Per-user.Whitelist.Blacklist

Latest revision as of 21:33, 11 September 2011

Question

How can the restrictions below be achieved in iRedMail with the OpenLDAP backend?

  • User B can send emails only to given domains and their sub-domains (e.g. example.com, test.com), and can receive emails from any domain.
  • User C can send and receive emails only to and from given domains and their sub-domains (e.g. example.com, test.com).
  • User D can send and receive emails only to and from given email addresses (e.g. admin@example.com, user@test.com).

Solution

Note: You can easily manage the per-user whitelist/blacklist with the iRedAdmin-Pro admin panel. Screenshot: [1]

This is a per-user blacklist/whitelist, implemented in iRedAPD, a Postfix policy server.

  1) Make sure you have iRedAPD enabled in Postfix. It's enabled by default since iRedMail-0.7.0.
File: /etc/postfix/main.cf
smtpd_recipient_restrictions = ..., check_policy_server inet:127.0.0.1:7777, permit_mynetworks, ...
  2) Make sure the plugin 'block_amavisd_blacklisted_senders' is enabled in /opt/iredapd/etc/iredapd.ini:
File: /opt/iredapd/etc/iredapd.ini
[ldap]
...
plugins = block_amavisd_blacklisted_senders, ...

You are now ready to configure the per-user blacklist/whitelist.


  • Question: User B can send emails only to given domains and their sub-domains (e.g. example.com, test.com), and can receive emails from any domain.

Add the following LDAP attributes/values in the LDAP server for user B:

mailBlacklistRecipient: @.          # <-- Reject mails sent to all accounts.
mailWhitelistRecipient: @.example.com          # <-- Bypass mails sent to domain "example.com" and its sub-domains.
mailWhitelistRecipient: @.test.com
  • Question: User C can send and receive emails only to and from given domains and their sub-domains (e.g. example.com, test.com).

Add the following LDAP attributes/values in the LDAP server for user C:

amavisBlacklistSender: @.          # <-- Reject mails sent FROM all accounts.
amavisWhitelistSender: @.example.com   # <-- Bypass mails sent FROM domain 'example.com' and its sub-domains.
amavisWhitelistSender: @.test.com

mailBlacklistRecipient: @.          # <-- Reject mails sent to all accounts.
mailWhitelistRecipient: @.example.com          # <-- Bypass mails sent to domain "example.com" and its sub-domains.
mailWhitelistRecipient: @.test.com
  • Question: User D can send and receive emails only to and from given email addresses (e.g. admin@example.com, user@test.com).

Add the following LDAP attributes/values in the LDAP server for user D:

amavisBlacklistSender: @.          # <-- Reject mails sent FROM all accounts.
amavisWhitelistSender: admin@example.com   # <-- Bypass mails sent FROM user 'admin@example.com'
amavisWhitelistSender: user@test.com

mailBlacklistRecipient: @.          # <-- Reject mails sent to all accounts.
mailWhitelistRecipient: admin@example.com          # <-- Bypass mails sent to user 'admin@example.com'
mailWhitelistRecipient: user@test.com
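
The matching rules used in the three answers above, as an added Python example for checking attribute values before writing them to LDAP (a model, not iRedAPD's own code). It assumes whitelist values take precedence over blacklist values, as the "Bypass" comments indicate, and handles only the three value forms shown on this page (`@.`, `@.domain`, full address); all function names are hypothetical.

```python
# Added example: models the matching rules described on this page.
# It is NOT iRedAPD's implementation; function names are hypothetical.

def entry_matches(entry, address):
    """Return True if one whitelist/blacklist value covers the address."""
    entry, address = entry.strip().lower(), address.strip().lower()
    domain = address.rpartition("@")[2]
    if entry == "@.":                    # catch-all: every account
        return True
    if entry.startswith("@."):           # a domain and its sub-domains
        base = entry[2:]
        # Match on a label boundary so "notexample.com" is not covered
        # by "@.example.com".
        return domain == base or domain.endswith("." + base)
    return entry == address              # full address: exact match only


def allowed(address, whitelist, blacklist):
    """Assumption: a whitelist match bypasses any blacklist match."""
    if any(entry_matches(e, address) for e in whitelist):
        return True
    return not any(entry_matches(e, address) for e in blacklist)


def can_send_to(user, recipient):
    """Outbound check: uses the mail*Recipient attributes."""
    return allowed(recipient,
                   user.get("mailWhitelistRecipient", []),
                   user.get("mailBlacklistRecipient", []))


def can_receive_from(user, sender):
    """Inbound check: uses the amavis*Sender attributes."""
    return allowed(sender,
                   user.get("amavisWhitelistSender", []),
                   user.get("amavisBlacklistSender", []))


# Attribute values copied from the page for users B and D.
USER_B = {"mailBlacklistRecipient": ["@."],
          "mailWhitelistRecipient": ["@.example.com", "@.test.com"]}
USER_D = {"amavisBlacklistSender": ["@."],
          "amavisWhitelistSender": ["admin@example.com", "user@test.com"],
          "mailBlacklistRecipient": ["@."],
          "mailWhitelistRecipient": ["admin@example.com", "user@test.com"]}
```
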