Results 1 to 3 of 3

Thread: Is it possible to block SPAM apparently to/From ths same user

  1. #1
    padraig's Avatar
    padraig is offline Elite Member
    Join Date
    Jul 2006
    Location
    ireland
    Posts
    388
    Rep Power
    8

    Question Is it possible to block SPAM apparently to/From ths same user

    This sample is from andrew.proulx@csgrp.com
    With a fake FROM user@myzimbra.com
    in the DATA

    Code:
    Return-Path: andrew.proulx@csgrp.com
    Received: from zimbra-1.myzimbra.com (LHLO
     zimbra-1.myzimbra.com) (10.10.11.8) by
     zimbra-1.myzimbra.com with LMTP; Fri, 14 Nov 2008 10:31:14 +0000
     (GMT)
    Received: from localhost (localhost.localdomain [127.0.0.1])
            by zimbra-1.myzimbra.com (Postfix) with ESMTP id B8EFA41A028D
            for <user@myzimbra.com>; Fri, 14 Nov 2008 10:31:14 +0000 (GMT)
    X-Virus-Scanned: amavisd-new at
    X-Spam-Flag: NO
    X-Spam-Score: 3.465
    X-Spam-Level: ***
    X-Spam-Status: No, score=3.465 tagged_above=-10 required=4
            tests=[BAYES_50=0.5, HTML_IMAGE_RATIO_04=0.172, HTML_MESSAGE=0.001,
            HTML_TAG_BALANCE_HEAD=1.334, MIME_HTML_ONLY=1.457, MONEY_BACK=0.001]
    Received: from zimbra-1.myzimbra.com ([127.0.0.1])
            by localhost (zimbra-1.myzimbra.com [127.0.0.1]) (amavisd-new, port 10024)
            with ESMTP id Wv4Urc846fDN for <user@myzimbra.com>;
            Fri, 14 Nov 2008 10:31:03 +0000 (GMT)
    Received: by zimbra-1.myzimbra.com (Postfix, from userid 101)
            id 1185B41A029B; Fri, 14 Nov 2008 10:31:03 +0000 (GMT)
    Received: from hub1.myzimbra.com (hub1.myzimbra.com [10.11.111.4])
            by zimbra-1.myzimbra.com (Postfix) with ESMTP id EA71241A0297
            for <user@myzimbra.com>; Fri, 14 Nov 2008 10:31:02 +0000 (GMT)
    Received: from SzilasiG (mail.maillis.hu [195.56.87.204])
            by hub1.myzimbra.com (8.13.6/8.13.6) with SMTP id mAEAV1xC003699
            for <user@myzimbra.com>; Fri, 14 Nov 2008 10:31:02 GMT
    Date: Fri, 14 Nov 2008 10:31:01 GMT
    Message-Id: <20081114s031.mAEAV1xC003699@hub1.myzimbra.com>
    X-Originating-IP: [140.201.0.1]
    X-Originating-Email: [user@myzimbra.com]
    X-Sender: user@myzimbra.com
    To: <user@myzimbra.com>
    Subject: RE: user@myzimbra.com, Buy One - Get Four Free!
    From: <user@myzimbra.com>
    MIME-Version: 1.0
    Importance: High
    Content-Type: text/html
    Thanks For any replies,
    p.

  2. #2
    Dirk's Avatar
    Dirk is offline Moderator
    Join Date
    May 2006
    Location
    England.
    Posts
    927
    Rep Power
    9

    Default

    Blocking mail on this criteria could cause problems for some people. For example, you want to send a message to 5 people but you dont want any of the names revealed, I've seen people sent the message TO themselves and BCC the target recipients, thus everyone see's the mail as addressed to the sender.

    It's not good practice, but it does happen.
    Would it not be better to block spam as being spam rather than via this criteria?

  3. #3
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,016
    Rep Power
    24

    Default

    Trying to find a rule for SA ... It could be marked with a score of 1 so the rest of the rules apply aswell. I am surprised people get so much SPAM personally I get the best results with ClamAV - Unofficial Phishing Signatures.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Replies: 21
    Last Post: 02-04-2010, 10:06 AM
  2. [SOLVED] Zimbra logwatch.
    By nishith in forum Administrators
    Replies: 5
    Last Post: 06-10-2009, 04:42 PM
  3. Can't start Zimbra!
    By zibra in forum Administrators
    Replies: 5
    Last Post: 03-22-2007, 11:34 AM
  4. Post instsallation problems
    By Assaf in forum Installation
    Replies: 14
    Last Post: 01-29-2007, 11:38 AM
  5. Services stopped working
    By lilwong in forum Administrators
    Replies: 4
    Last Post: 08-15-2006, 09:19 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •