ZhangHuangbin at 03:33, 12 September 2011

ZhangHuangbin — Mon, 12 Sep 2011 03:33:57 GMT

← Older revision		Revision as of 03:33, 12 September 2011
Line 6:		Line 6:

	= Solution =		= Solution =
		+
		+	Note: You can easily manage per-user whitelist/blacklist with iRedAdmin-Pro admin panel. Screenshot: [http://screenshots.iredmail.googlecode.com/hg/iredadmin/user_profile_restrictions.png]
		+
	This is per-user black/whitelist, implemented in iRedAPD - a postfix policy server.		This is per-user black/whitelist, implemented in iRedAPD - a postfix policy server.

Line 57:		Line 60:
	mailWhitelistRecipient: user@test.com		mailWhitelistRecipient: user@test.com
	</pre>		</pre>
-
-	~~You can easily manage per-user whitelist/blacklist with iRedAdmin-Pro admin panel. Screenshot:~~
-	~~[http://screenshots.iredmail.googlecode.com/hg/iredadmin/user_profile_restrictions.png]~~

ZhangHuangbin: /* Solution */

ZhangHuangbin — Mon, 12 Sep 2011 03:32:49 GMT

Solution

← Older revision		Revision as of 03:32, 12 September 2011
Line 59:		Line 59:

	You can easily manage per-user whitelist/blacklist with iRedAdmin-Pro admin panel. Screenshot:		You can easily manage per-user whitelist/blacklist with iRedAdmin-Pro admin panel. Screenshot:
-	http://screenshots.iredmail.googlecode.com/hg/iredadmin/user_profile_restrictions.png	+	[http://screenshots.iredmail.googlecode.com/hg/iredadmin/user_profile_restrictions.png]

ZhangHuangbin: Created page with '= Question = How to achieve below restrictions in iRedMail with OpenLDAP backend? * User B can send emails only to given domains and its sub domains (eg. example.com, test.com), …'

ZhangHuangbin — Mon, 12 Sep 2011 03:30:44 GMT

Created page with '= Question = How to achieve below restrictions in iRedMail with OpenLDAP backend? * User B can send emails only to given domains and its sub domains (eg. example.com, test.com), …'

New page

= Question =
How to achieve below restrictions in iRedMail with OpenLDAP backend?
* User B can send emails only to given domains and its sub domains (eg. example.com, test.com), can receive emails from any domain.
* User C can send and receive emails only to & from given domains and its sub doamins (eg. example.com, test.com)
* User D can send and receive emails only to & from given email addresses. (eg. admin@example.com, user@test.com)

= Solution =
This is per-user black/whitelist, implemented in iRedAPD - a postfix policy server.

*) Make sure you have iRedAPD enabled in Postfix. It's enabled by default since iRedMail-0.7.0.
{{cfg|/etc/postfix/main.cf|<pre>
smtpd_recipient_restrictions = ..., check_policy_server inet:127.0.0.1:7777, permit_mynetworks, ...
</pre>}}

*) Make sure you have plugin 'block_amavisd_blacklisted_senders' enabled in /opt/iredapd/etc/iredapd.ini:
{{cfg|/opt/iredapd/etc/iredapd.ini|<pre>
[ldap]
...
plugins = block_amavisd_blacklisted_senders, ...
</pre>}}

It's now ready to configure per-user blacklist/whitelist.

* Question: User B can send emails only to given domains and its sub domains (eg. example.com, test.com), can receive emails from any domain.

Add below LDAP attributes/values in LDAP server for user B:
<pre>
mailBlacklistRecipient: @. # <-- Reject mails sent to all accounts.
mailWhitelistRecipient: @.example.com # <-- Bypass mails sent to domain "example.com" and its sub-domains.
mailWhitelistRecipient: @.test.com
</pre>

* Question: User C can send and receive emails only to & from given domains and its sub doamins (eg. example.com, test.com)

Add below LDAP attributes/values in LDAP server for user C:
<pre>
amavisBlacklistSender: @. # <-- Reject mails sent FROM all accounts.
amavisWhitelistSender: @.example.com # <-- Bypass mails sent FROM domain 'example.com' and its sub-domains.
amavisWhitelistSender: @.test.com

mailBlacklistRecipient: @. # <-- Reject mails sent to all accounts.
mailWhitelistRecipient: @.example.com # <-- Bypass mails sent to domain "example.com" and its sub-domains.
mailWhitelistRecipient: @.test.com
</pre>

* User D can send and receive emails only to & from given email addresses. (eg. admin@example.com, user@test.com)

Add below LDAP attributes/values in LDAP server for user C:
<pre>
amavisBlacklistSender: @. # <-- Reject mails sent FROM all accounts.
amavisWhitelistSender: admin@example.com # <-- Bypass mails sent FROM user 'admin@example.com'
amavisWhitelistSender: user@test.com

mailBlacklistRecipient: @. # <-- Reject mails sent to all accounts.
mailWhitelistRecipient: admin@example.com # <-- Bypass mails sent to user 'admin@example.com'
mailWhitelistRecipient: user@test.com
</pre>

You can easily manage per-user whitelist/blacklist with iRedAdmin-Pro admin panel. Screenshot:
http://screenshots.iredmail.googlecode.com/hg/iredadmin/user_profile_restrictions.png

IRedMail/FAQ/LDAP/Per-user.Whitelist.Blacklist - Revision history

ZhangHuangbin at 03:33, 12 September 2011

ZhangHuangbin: /* Solution */

ZhangHuangbin: Created page with '= Question = How to achieve below restrictions in iRedMail with OpenLDAP backend? * User B can send emails only to given domains and its sub domains (eg. example.com, test.com), …'