Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
  #1 (permalink)  
Old 11-17-2008, 07:24 AM
Elite Member
 
Posts: 372
Is it possible to block SPAM apparently to/From the same user

This sample is from andrew.proulx@csgrp.com
With a fake FROM user@myzimbra.com
in the DATA

Code:
Return-Path: andrew.proulx@csgrp.com
Received: from zimbra-1.myzimbra.com (LHLO
 zimbra-1.myzimbra.com) (10.10.11.8) by
 zimbra-1.myzimbra.com with LMTP; Fri, 14 Nov 2008 10:31:14 +0000
 (GMT)
Received: from localhost (localhost.localdomain [127.0.0.1])
        by zimbra-1.myzimbra.com (Postfix) with ESMTP id B8EFA41A028D
        for <user@myzimbra.com>; Fri, 14 Nov 2008 10:31:14 +0000 (GMT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: 3.465
X-Spam-Level: ***
X-Spam-Status: No, score=3.465 tagged_above=-10 required=4
        tests=[BAYES_50=0.5, HTML_IMAGE_RATIO_04=0.172, HTML_MESSAGE=0.001,
        HTML_TAG_BALANCE_HEAD=1.334, MIME_HTML_ONLY=1.457, MONEY_BACK=0.001]
Received: from zimbra-1.myzimbra.com ([127.0.0.1])
        by localhost (zimbra-1.myzimbra.com [127.0.0.1]) (amavisd-new, port 10024)
        with ESMTP id Wv4Urc846fDN for <user@myzimbra.com>;
        Fri, 14 Nov 2008 10:31:03 +0000 (GMT)
Received: by zimbra-1.myzimbra.com (Postfix, from userid 101)
        id 1185B41A029B; Fri, 14 Nov 2008 10:31:03 +0000 (GMT)
Received: from hub1.myzimbra.com (hub1.myzimbra.com [10.11.111.4])
        by zimbra-1.myzimbra.com (Postfix) with ESMTP id EA71241A0297
        for <user@myzimbra.com>; Fri, 14 Nov 2008 10:31:02 +0000 (GMT)
Received: from SzilasiG (mail.maillis.hu [195.56.87.204])
        by hub1.myzimbra.com (8.13.6/8.13.6) with SMTP id mAEAV1xC003699
        for <user@myzimbra.com>; Fri, 14 Nov 2008 10:31:02 GMT
Date: Fri, 14 Nov 2008 10:31:01 GMT
Message-Id: <20081114s031.mAEAV1xC003699@hub1.myzimbra.com>
X-Originating-IP: [140.201.0.1]
X-Originating-Email: [user@myzimbra.com]
X-Sender: user@myzimbra.com
To: <user@myzimbra.com>
Subject: RE: user@myzimbra.com, Buy One - Get Four Free!
From: <user@myzimbra.com>
MIME-Version: 1.0
Importance: High
Content-Type: text/html
__________________
Thanks For any replies,
p.
  #2 (permalink)  
Old 11-17-2008, 09:15 AM
Moderator
 
Posts: 927

Blocking mail on this criteria could cause problems for some people. For example, you want to send a message to 5 people but you don't want any of the names revealed; I've seen people send the message TO themselves and BCC the target recipients, thus everyone sees the mail as addressed to the sender.

It's not good practice, but it does happen.
Would it not be better to block spam as being spam rather than via this criteria?
  #3 (permalink)  
Old 11-17-2008, 12:33 PM
Moderator
 
Posts: 7,928

Trying to find a rule for SA ... It could be marked with a score of 1 so the rest of the rules apply as well. I am surprised people get so much SPAM; personally I get the best results with ClamAV - Unofficial Phishing Signatures.
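The check discussed in this thread, sketched as an added example (not code from any poster, Zimbra or SpamAssassin): it adds the score of 1 suggested above only when a local address appears as both From and To and the message was handed in by a relay outside the trusted networks, so mail a user sends TO themselves with BCC recipients from inside is left alone. `LOCAL_DOMAINS`, `TRUSTED_NETS` and the function names are assumptions for illustration; the sample is the posted header block, trimmed.

```python
import ipaddress
import re
from email import message_from_string
from email.utils import getaddresses, parseaddr

LOCAL_DOMAINS = {"myzimbra.com"}  # assumption: domains hosted on this server
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("127.0.0.0/8", "10.0.0.0/8")]  # assumption

# Headers from the post above, trimmed to the fields the check reads.
SAMPLE = """\
Return-Path: andrew.proulx@csgrp.com
Received: from hub1.myzimbra.com (hub1.myzimbra.com [10.11.111.4])
        by zimbra-1.myzimbra.com (Postfix) with ESMTP id EA71241A0297
        for <user@myzimbra.com>; Fri, 14 Nov 2008 10:31:02 +0000 (GMT)
Received: from SzilasiG (mail.maillis.hu [195.56.87.204])
        by hub1.myzimbra.com (8.13.6/8.13.6) with SMTP id mAEAV1xC003699
        for <user@myzimbra.com>; Fri, 14 Nov 2008 10:31:02 GMT
To: <user@myzimbra.com>
From: <user@myzimbra.com>

"""

def external_relays(msg):
    """Bracketed relay IPs from Received headers that fall outside TRUSTED_NETS."""
    found = []
    for hop in msg.get_all("Received", []):
        m = re.search(r"\[(\d{1,3}(?:\.\d{1,3}){3})\]", hop)
        try:
            ip = ipaddress.ip_address(m.group(1)) if m else None
        except ValueError:
            continue  # malformed address literal in a forged header
        if ip is not None and not any(ip in net for net in TRUSTED_NETS):
            found.append(str(ip))
    return found

def self_addressed_score(raw):
    """Return (score, reason); 1.0 only for external mail posing as a local user writing to themselves."""
    msg = message_from_string(raw)
    sender = parseaddr(msg.get("From", ""))[1].lower()
    rcpts = {addr.lower() for _, addr in getaddresses(msg.get_all("To", []))}
    if not sender or rcpts != {sender}:
        return 0.0, "From and To differ"
    if sender.rpartition("@")[2] not in LOCAL_DOMAINS:
        return 0.0, "sender is not a local address"
    relays = external_relays(msg)
    if not relays:
        return 0.0, "self-addressed but submitted from inside (the To-self plus BCC case)"
    envelope = parseaddr(msg.get("Return-Path", ""))[1].lower()
    return 1.0, f"local From/To handed in by {relays[0]}, envelope sender {envelope or 'unknown'}"
```

Users who submit mail from outside the trusted networks with SMTP authentication would also match, so a deployment would need to exempt authenticated submissions before applying the score.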

