For additional guidance, check out our community articles detailing the process of migrating from your current platform to Carbonio CE.
For enterprise-level requirements and advanced features, consider checking out Zextras Carbonio – the all-in-one private digital workplace designed for digital sovereignty trusted by the public sector, telcos, and regulated industries.
PolicyD v2 (codenamed “cluebringer”) is a multi-platform policy server for popular MTAs. This policy daemon is designed mostly for large-scale mail hosting environments. The main goal is to implement as many spams combating and email compliance features as possible while at the same time maintaining the portability, stability, and performance required for mission-critical email hosting of today. Most of the ideas and methods implemented in PolicyD v2 stem from PolicyD v1 as well as the authors’ long-time involvement in the large-scale mail hosting industry.
Requirements for PolicyD WebUI
PHP v5+ (compiled with PDO support for your database)
How to Install/Enable CBPolicyD WebUI in Zimbra
Activating CBPolicyD
Before using CBPolicyD, you must have CBPolicyd installed and enabled in your Zimbra server. To install and enable it login to your Zimbra server as the Zimbra user
su - zimbra
zmprov ms `zmhostname` +zimbraServiceInstalled cbpolicyd +zimbraServiceEnabled cbpolicydActivating CBPolicyD WebUI
Now you need to host the CBPolicyD website in Zimbra’s Apache server. This we can do by creating a soft link of CBPolicyD’s source code on apache’s root directory.
cd /opt/zimbra/data/httpd/htdocs/ && ln -s ../../../common/share/webuiNow, we need to configure CBPolicyD’s source code to connect to the appropriate database. To do this, we need to open the config file and change DB_DSN value. To do so open the config file by
vi /opt/zimbra/common/share/webui/includes/config.phpand change DB_DSN value from mysql:host=localhost;dbname=cluebringer to sqlite:/opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb as follows
$DB_DSN=”mysql:host=localhost;dbname=cluebringer”;to
$DB_DSN="sqlite:/opt/zimbra/data/cbpolicyd/db/cbpolicyd.sqlitedb";Enable ACLs for CBPolicyD
zmprov mcf +zimbraMtaRestriction 'check_policy_service inet:127.0.0.1:10031'
zmprov ms mail.domainname.com zimbraCBPolicydAccessControlEnabled TRUERestart Zimbra
su - zimbra -c "zmcontrol restart"
su - zimbra -c "zmapachectl restart"Access CBPolicyD from http://yourServerName:7780/webui/index.php replacing yourServerName.
Protect CBPolicyD WebUI with Password
When you access PolicyD WebUI, you are not be asked to enter any username and password. To protect PolicyD WebUI you can set username and password using htaccess as follows
Go to
cd /opt/zimbra/common/share/webui/open .htaccess file
vi .htaccessAdd these lines
AuthUserFile /opt/zimbra/common/share/webui/.htpasswd
AuthGroupFile /dev/null
AuthName "User and Password"
AuthType Basic
require valid-usercreate .htpasswd file
touch .htpasswd
/opt/zimbra/common/bin/htpasswd -cb .htpasswd user passwordopen httpd.conf file
vi /opt/zimbra/conf/httpd.confadd these lines to the end
Alias /webui /opt/zimbra/common/share/webui/
<Directory /opt/zimbra/common/share/webui/>
# Comment out the following 3 lines to make web ui accessible from anywhere
AllowOverride AuthConfig
Order Deny,Allow
Allow from all
</Directory>and run
su – zimbra -c "zmapachectl restart"Access CBPolicyD from http://yourServerName:7780/webui/index.php replacing yourServerName to verify if it asks for a username and password.
To learn more about CBPolicyD I strongly suggest reading the Cluebringer PolicyD wiki page.
Comments
Hi, Your document is certainly helpful. The above I assume is on CentoOS/Rocky I want to implement in Zimbra which is installed on an Ubuntu, Can you share a document link for the same and do the needful. Thanks Rao
Can you please share the document/link for cbpolicy on zimbra in a Ubuntu Environment