Configuration

Zimlet configuration

Main configuration is done through the config file available under /opt/zimbra/lib/ext/IntalioZiMailApproval/approvalMap.json

ResponsibleGroups - Groups of accounts accepting or declining e-mails.

IrresponsibleGroups - Groups of accounts whose e-mails have to be accepted or declined.

Map - Defines who can accept whose e-mails.

In the following example jan@zimbrademo.intalio.pl can review robert@zimbrademo.intalio.pl mails when he doen't have an influence on test@zimbrademo.intalio.pl account's mails.

image-1630498391841.png

Mail reviewers have to have also zimlet availibilty set on in the Zimbra Administration Console.

image-1630574417247.png

CBPolicyd configuration

ZI-MailApproval requires installed, enabled and configured CBPolicyd service.

Pre-requisites

Enable the Access Control attribute in Zimbra and restart services.

su - zimbra
zmprov ms `zmhostname` zimbraCBPolicydAccessControlEnabled  TRUE
zmmtactl restart
zmcbpolicydctl start
Group
  1. In PolicyD Web interface, Go to Policies -> Groups.
  2. Click on Action dropdown -> Add.
  3. Specify Name for example GrupaZiIntalioMailApproval. Click Submit. GrupaZiIntalioMailApproval group should be created successfully.
    image-1630507564653.png
  4. Go to Policies -> Groups and select GrupaZiIntalioMailApproval and from Action dropdown select Members.
    image-1630507707298.png
  5. On the page, from Action dropdown select Add
  6. In Member textbox, specify one of the users you want to assign to ZI-MailApproval functionality. Here  test@zimbrademo.intalio.pl was used as an example. Then click Submit.
    image-1630507757030.png
  7. At the top of the page, click on Back to members. Select the above created member test@zimbrademo.intalio.pl. From Action dropdown select Change.
  8. For Disabled, select No from the dropdown. Click Submit.

    image-1630508390898.png

  9. Go to Policies -> Groups and select GrupaZiIntalioMailApproval. From Action dropdown select Change.
  10. For Disabled, select No from the dropdown. Click Submit
    image-1630507626179.png
  11. The GrupaZiIntalioMailApproval group is now enabled.
Policy
  1. Go to Policies -> Main.
  2. Click on Action dropdown -> Add.
  3. Specify Name for example ZiIntalioMailApproval, Priority 10 and Description ZiIntalioMailApproval. Click Submit. The policy should be created successfully.

    image-1630569738488.png

  4. Go to Policies -> Main and select ZiIntalioMailApproval. From Action dropdown select Members.
  5. On the page, from Action dropdown select Add.
  6. In Source textbox, specify %GrupaZiIntalioMailApproval and in Destination textbox, specify any. Click Submit.

    image-1630569936938.png

  7. At the top of the page, click on Back to members. Select the above created member. From Action dropdown select Change.
  8. For Disabled, select No from the dropdown. Click Submit.
  9. Go to Policies -> Main and select ZiIntalioMailApproval. From Action dropdown select Change.
  10. For Disabled, select No from the dropdown. Click Submit.
  11. The ZiIntalioMailApproval policy is now enabled.
Access Control
  1. Go to Access Control -> Configure.
  2. Click on Action dropdown -> Add.
  3. In Name textbox, specify ControlZiIntalioMailApproval.
  4. In Link to policy dropdown, select policy ZiIntalioMailApproval 
  5. In Verdict dropdown, select Hold.

    image-1630571582410.png

  6. Click Submit. The Access Control list should be created successfully.
  7. Go to Access Control -> Configure and select ZiIntalioMailApproval
  8. From Action dropdown select Change.
  9. For Disabled, select No from the dropdown. Click Submit