Re: [Gutl-l] zimbra + politicas de envio(Solved)

Yuniesky Machado Rojas Mon, 15 Jun 2015 14:12:42 -0700

Un amigo de aca de santa marta, varadero compartio conmigo un scriptpara activar el cbpolicid y en conjunto con esta tutohttp://www.cfg.jovenclub.cu/gulcf/?p=2347 ya solucione el problema, aquiles dejo el script para los interesados, ha y funciona en 8.6


#/bin/bash
# Date
waktu=`date +%y%m%d%H%M%S`


# Create Folder Backup
lokasibackup="/srv/backupfile/policyd"

# Create directory if not exist
if [ ! -d $lokasibackup ]; then
        mkdir -p $lokasibackup
fi

chmod 775 $lokasibackup
chgrp zimbra $lokasibackup

echo -e"##########################################################################"echo -e "# Script Automatic ConfigurePolicyD #"echo -e "# Rate Limit Sending Message & Reject UnlistedDomain #"echo -e "# Ahmad Imanudin -http://www.imanudin.net #"echo -e "# If any question, please feel free to contact us atbelow #"echo -e "# Contact atah...@imanudin.com #"

echo -e "# i...@imanudin.net                        #"

echo -e"##########################################################################"

echo ""

# /* Variable for bold */
ibold="\033[1m""\n===> "
ebold="\033[0m"

namaserver=`su - zimbra -c "/opt/zimbra/bin/zmhostname"`;

echo -n "Type your domain. Example imanudin.net : "
read DOMAIN
echo ""

# Install and enabling PolicyD

echo -e $ibold"[*] INFO : Install and Enabling PolicyD"$ebold
echo ""
echo "Manual Process"

echo -e"-------------------------------------------------------------------------"

echo -e "su - zimbra"

echo -e "zmprov ms $namaserver +zimbraServiceInstalled cbpolicyd+zimbraServiceEnabled cbpolicyd"echo -e "zmprov mcf +zimbraMtaRestriction 'check_policy_serviceinet:127.0.0.1:10031'"echo -e"-------------------------------------------------------------------------"

echo "Press key Enter"
read presskey
echo -e $ibold"Please wait a moment for process"$ebold
echo ""

su - zimbra -c "zmprov ms $namaserver +zimbraServiceInstalled cbpolicyd+zimbraServiceEnabled cbpolicyd"su - zimbra -c "zmprov mcf +zimbraMtaRestriction 'check_policy_serviceinet:127.0.0.1:10031'"


# Activating Modules PolicyD

echo -e $ibold"[*] INFO : Activating Modules PolicyD"$ebold
echo ""
echo "Manual Process"

echo -e"-------------------------------------------------------------------------"

echo -e "zmprov ms $namaserver zimbraCBPolicydQuotasEnabled TRUE"
echo -e "zmprov ms $namaserver zimbraCBPolicydAccessControlEnabled TRUE"

echo -e"-------------------------------------------------------------------------"

echo "Press key Enter"
read presskey

su - zimbra -c "zmprov ms $namaserver zimbraCBPolicydQuotasEnabled TRUE"

su - zimbra -c "zmprov ms $namaserverzimbraCBPolicydAccessControlEnabled TRUE"


# Activating WebUI PolicyD

echo -e $ibold"[*] INFO : Activating WebUI PolicyD"$ebold
echo ""
echo "Manual Process"

echo -e"-------------------------------------------------------------------------"

echo -e "cd /opt/zimbra/httpd/htdocs/ && ln -s ../../cbpolicyd/share/webui"
echo -e "vi /opt/zimbra/cbpolicyd/share/webui/includes/config.php"

echo -e"-------------------------------------------------------------------------"

echo "Press key Enter for activating WebUI PolicyD"
read presskey

cd /opt/zimbra/httpd/htdocs/ && ln -s ../../cbpolicyd/share/webui

cp /opt/zimbra/cbpolicyd/share/webui/includes/config.php$lokasibackup/config.php-$waktused -i s/'$DB_DSN'/'#$DB_DSN'/g/opt/zimbra/cbpolicyd/share/webui/includes/config.phpsed -i '/DB_USER/i$DB_DSN="sqlite:/opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb";'/opt/zimbra/cbpolicyd/share/webui/includes/config.php


# Protecting PolicyD Web Admin

echo -e $ibold"[*] INFO : Protect access PolicyD Web Administration"$ebold
echo ""
echo "Manual Process"

echo -e"-------------------------------------------------------------------------"

echo -e "cd /opt/zimbra/cbpolicyd/share/webui"
echo -e "touch .htaccess"

echo -e "echo 'AuthUserFile /opt/zimbra/cbpolicyd/share/webui/.htpasswd'> .htaccess"

echo -e "echo 'AuthGroupFile /dev/null' >> .htaccess"
echo -e "echo 'AuthName User and Password' >> .htaccess"
echo -e "echo 'AuthType Basic' >> .htaccess"
echo -e "echo '' >> .htaccess"
echo -e "echo '<LIMIT GET>' >> .htaccess"
echo -e "echo 'require valid-user' >> .htaccess"
echo -e "echo '</LIMIT>' >> .htaccess"

echo -e"-------------------------------------------------------------------------"

echo "Press key Enter to protect access PolicyD Web Administration"
read presskey

cd /opt/zimbra/cbpolicyd/share/webui/
touch .htaccess

echo 'AuthUserFile /opt/zimbra/cbpolicyd/share/webui/.htpasswd' >/opt/zimbra/cbpolicyd/share/webui/.htaccessecho 'AuthGroupFile /dev/null' >>/opt/zimbra/cbpolicyd/share/webui/.htaccessecho 'AuthName "User and Password"' >>/opt/zimbra/cbpolicyd/share/webui/.htaccess

echo 'AuthType Basic' >> /opt/zimbra/cbpolicyd/share/webui/.htaccess
echo '' >> /opt/zimbra/cbpolicyd/share/webui/.htaccess
echo '<LIMIT GET>' >> /opt/zimbra/cbpolicyd/share/webui/.htaccess
echo 'require valid-user' >> /opt/zimbra/cbpolicyd/share/webui/.htaccess
echo '</LIMIT>' >> /opt/zimbra/cbpolicyd/share/webui/.htaccess

# Create Username + Password PolicyD Web Admin

echo -e $ibold"[*] INFO : Create Username + Password PolicyD WebAdmin"$ebold

echo ""
echo -n "Type Username PolicyD Web Admin, example cbpadmin : "
read USERNAME

echo -n "Type password for $USERNAME : "
read PASSWORD

/opt/zimbra/httpd/bin/htpasswd -cb .htpasswd $USERNAME $PASSWORD

# Edit configure Apache Zimbra

echo -e $ibold"[*] INFO : Edit configure Apache Zimbra"$ebold
echo ""
echo "Manual Process"

echo -e"-------------------------------------------------------------------------"

echo -e "cp /opt/zimbra/conf/httpd.conf $lokasibackup"

echo -e "echo 'Alias /webui /opt/zimbra/cbpolicyd/share/webui/' >>/opt/zimbra/conf/httpd.conf"echo -e "echo '<Directory /opt/zimbra/cbpolicyd/share/webui/>' >>/opt/zimbra/conf/httpd.conf"

echo -e "echo 'AllowOverride AuthConfig' >> /opt/zimbra/conf/httpd.conf"
echo -e "echo 'Order Deny,Allow' >> /opt/zimbra/conf/httpd.conf"
echo -e "echo 'Allow from all' >> /opt/zimbra/conf/httpd.conf"
echo -e "echo '</Directory>' >> /opt/zimbra/conf/httpd.conf"

echo -e"-------------------------------------------------------------------------"

echo "Press key Enter"
read presskey

cp /opt/zimbra/conf/httpd.conf $lokasibackup

echo 'Alias /webui /opt/zimbra/cbpolicyd/share/webui/' >>/opt/zimbra/conf/httpd.confecho '<Directory /opt/zimbra/cbpolicyd/share/webui/>' >>/opt/zimbra/conf/httpd.conf

echo 'AllowOverride AuthConfig' >> /opt/zimbra/conf/httpd.conf
echo 'Order Deny,Allow' >> /opt/zimbra/conf/httpd.conf
echo 'Allow from all' >> /opt/zimbra/conf/httpd.conf
echo '</Directory>' >> /opt/zimbra/conf/httpd.conf

# Restart Service Zimbra and Apache Zimbra

echo -e $ibold"[*] INFO : Restart Service Zimbra"$ebold
echo ""
echo "Press key Enter for Restarting Service Zimbra"
read presskey

su - zimbra -c "zmcontrol restart"
su - zimbra -c "zmapachectl restart"

# Inject Sqlite Database

echo -e $ibold"[*] INFO : Configuring Rate Limit Sending Message andReject Unlisted Domain"$ebold

echo ""
echo "Manual Process"

echo -e"-------------------------------------------------------------------------"

echo -e "touch /tmp/policyd.sql"

echo -e "echo 'delete from "policy_groups" where id=100;' >/tmp/policyd.sql"echo -e "echo 'delete from "policy_group_members" where id=100;' >>/tmp/policyd.sql"

echo -e "echo 'delete from "policies" where id=100;' >> /tmp/policyd.sql"

echo -e "echo 'delete from "policy_members" where id=100;' >>/tmp/policyd.sql"echo -e "echo 'delete from "access_control" where id=100;' >>/tmp/policyd.sql"

echo -e "echo 'delete from "policies" where id=101;' >> /tmp/policyd.sql"

echo -e "echo 'delete from "policy_members" where id=101;' >>/tmp/policyd.sql"echo -e "echo 'delete from "policy_members" where id=102;' >>/tmp/policyd.sql"

echo -e "echo 'delete from "quotas" where id=101;' >> /tmp/policyd.sql"

echo -e "echo 'delete from "quotas_limits" where id=101;' >>/tmp/policyd.sql"echo -e "echo 'insert into "policy_groups"values(100,'list_domain',0,0);' >> /tmp/policyd.sql"echo -e "echo 'insert into "policy_group_members"values(100,100,'@$DOMAIN',0,0);' >> /tmp/policyd.sql"echo -e "echo 'insert into "policies" values(100,'Reject UnlistedDomain',20,'Reject Unlisted Domain',0);' >> /tmp/policyd.sql"echo -e "echo 'insert into "policy_members"values(100,100,'!%list_domain','!%list_domain',0,0);' >> /tmp/policyd.sql"echo -e "echo 'insert into "access_control" values(100,100,'RejectUnlisted Domain','REJECT','Sorry, you are not authorized to sendingemail','Reject Unlisted Domain',0);' >> /tmp/policyd.sql"echo -e "echo 'insert into "policies" values(101,'Rate Limit SendingMessage',21,'Rate Limit Sending Message',0);' >> /tmp/policyd.sql"echo -e "echo 'insert into "policy_members"values(101,101,'%list_domain','!%list_domain',0,0);' >> /tmp/policyd.sql"echo -e "echo 'insert into "policy_members"values(102,101,'!%list_domain','any',0,0);' >> /tmp/policyd.sql"echo -e "echo 'insert into "quotas" values(101,101,'Rate Limit SendingMessage','Sender:user@domain',3600,'DEFER','Max sending email have beenfull at last 3600s',0,'Rate Limit Sending Message',0);' >> /tmp/policyd.sql"echo -e "echo 'insert into "quotas_limits"values(101,101,'MessageCount',300,'Rate Limit',0);' >> /tmp/policyd.sql"echo -e 'su - zimbra -c "sqlite3/opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb < /tmp/policyd.sql"'

echo -e 'su - zimbra -c "zmcbpolicydctl restart"'

echo -e"-------------------------------------------------------------------------"

echo "Press key Enter for configure"
read presskey

touch /tmp/policyd.sql
echo "delete from 'policy_groups' where id=100;" > /tmp/policyd.sql
echo "delete from 'policy_group_members' where id=100;" >> /tmp/policyd.sql
echo "delete from 'policies' where id=100;" >> /tmp/policyd.sql
echo "delete from 'policy_members' where id=100;" >> /tmp/policyd.sql
echo "delete from 'access_control' where id=100;" >> /tmp/policyd.sql
echo "delete from 'policies' where id=101;" >> /tmp/policyd.sql
echo "delete from 'policy_members' where id=101;" >> /tmp/policyd.sql
echo "delete from 'policy_members' where id=102;" >> /tmp/policyd.sql
echo "delete from 'quotas' where id=101;" >> /tmp/policyd.sql
echo "delete from 'quotas_limits' where id=101;" >> /tmp/policyd.sql

echo "insert into 'policy_groups' values(100,'list_domain',0,0);" >>/tmp/policyd.sqlecho "insert into 'policy_group_members'values(100,100,'@$DOMAIN',0,0);" >> /tmp/policyd.sqlecho "insert into 'policies' values(100,'Reject UnlistedDomain',20,'Reject Unlisted Domain',0);" >> /tmp/policyd.sqlecho "insert into 'policy_members'values(100,100,'!%list_domain','!%list_domain',0,0);" >> /tmp/policyd.sqlecho "insert into 'access_control' values(100,100,'Reject UnlistedDomain','REJECT','Sorry, you are not authorized to sendingemail','Reject Unlisted Domain',0);" >> /tmp/policyd.sqlecho "insert into 'policies' values(101,'Rate Limit SendingMessage',21,'Rate Limit Sending Message',0);" >> /tmp/policyd.sqlecho "insert into 'policy_members'values(101,101,'%list_domain','!%list_domain',0,0);" >> /tmp/policyd.sqlecho "insert into 'policy_members'values(102,101,'!%list_domain','any',0,0);" >> /tmp/policyd.sqlecho "insert into 'quotas' values(101,101,'Rate Limit SendingMessage','Sender:user@domain',3600,'DEFER','Max sending email has beenfull at last 3600s',0,'Rate Limit Sending Message',0);" >> /tmp/policyd.sqlecho "insert into 'quotas_limits'values(101,101,'MessageCount',300,'Rate Limit',0);" >> /tmp/policyd.sqlsu - zimbra -c "sqlite3 /opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb< /tmp/policyd.sql"

su - zimbra -c "zmcbpolicydctl restart"

echo ""

echo "Configure PolicyD has been finished, please try to access viabrowser PolicyD WebUI on url http://$namaserver:7780/webui/index.php";


El 15/06/2015 a las 16:18, Manuel Mely escribió:

On 15.06.2015 20:40, Yuniesky Machado Rojas wrote:
hammm podrias pegarme el contenido de la web aqui es que no alcanzoal .com
Bueno realmente lo que estoy leyendo sucede en Zimbra 8.5.
Dime si a la salida del comando "postconf -m" tienes el tipo de tabla"texthash"
De ser asi, intenta cambiar hash por texthash en tu fichero de tablas.Ya de paso revisa si tiene hash, que no debe estar pues tu postfixesta requiriendo este tipo ahora mismo, seria muy raro que apareciera.
Por algun motivo ese zimbra no compilo el tipo de tabla hash.

Anyway, aqui te va la diferencia entre hash y texthash

 hash
An indexed file type based on hashing. This is available only onsystems with support for Berkeley DB databases. Public database filesare created with the postmap(1) or postalias(1) command, and privatedatabases are maintained by Postfix daemons. The database name as usedin "hash:table" is the database file name without the ".db" suffix.
 texthash (read-only)
A table that produces similar results as hash: files, except thatyou don't have to run the postmap(1) command before you can use thefile, and that texthash: does not detect changes after the file isread. The lookup table name is "texthash:filename", where the filename is taken literally; no suffix is appended.
Seguire buscando si hay algun modo de que puedas usar hash, sin tenerque recompilar postfix. Realmente nunca he utilizado zimbra.
Saludos


______________________________________________________________________
Lista de correos del Grupo de Usuarios de Tecnologías Libres de Cuba.
Gutl-l@jovenclub.cu
https://listas.jovenclub.cu/cgi-bin/mailman/listinfo/gutl-l




______________________________________________________________________
Lista de correos del Grupo de Usuarios de Tecnologías Libres de Cuba.
Gutl-l@jovenclub.cu
https://listas.jovenclub.cu/cgi-bin/mailman/listinfo/gutl-l

Re: [Gutl-l] zimbra + politicas de envio(Solved)

Responder a