Zimbra Wall

A server for blocking users to access Zimbra CS.

This software is used to intercept and apply modifications to the traffic between a Zimbra Proxy and Zimbra Mailboxes. If you don’t know what a Zimbra Proxy is, You can read about it here: https://wiki.zimbra.com/wiki/Zimbra_Proxy_Guide

This work for all kind of client access:

  • POP3
  • IMAP
  • Webmail
  • ActiveSync
  • Zimbra Outlook Connector

Use cases

You need to deny access to some users from Internet.

How it works

Zimbra Wall reads a map file, a YAML file, in which you indicate the pair email:zimbraID of the users you want to block

Based on this information, Zimbra Wall tell the Zimbra Proxy to deny access to the user.

Instalation and configuration

Requirements

This has been tested with:

  • Zimbra >= 8.5
  • Ruby >= 1.93
  • Bundler >= 1.3
  • Zimbra Proxy

You need to have direct access to the 7072 port of both Mailboxes.

Installation

It’s recommended to install it on the same Zimbra Proxy server. All you need to do is run:

“sh $ gem install bundler $ gem install zimbra_wall

Zimbra Proxy Modification

Important Note You are going to modify Zimbra template files, used to build the configuration files of Nginx. Take some backups!!

  • All the files are located in /opt/zimbra/conf/nginx/templates.
  • <, config being replaced
  • >, new config

You have to make this modifications

“ff # nginx.conf.web.template < $webweb.loginweb.login.upstreamweb.login.upstream.disable $web.upstream.loginserver.:servers

< $

${web.login.upstream.disable} server localhost:9292 fail_timeout=60s version=8.6.0_GA_1153;
${web.login.upstream.disable} server localhost:9292 fail_timeout=60s version=8.6.0_GA_1153;

“ff # nginx.conf.zmlookup.template