Zimbra

elinstad · #1 (**permalink**) 08-18-2009, 05:28 AM

After upgrading from 5.016 to 5.018 I started seeing alot of Spam ending up in users Inbox's. After some looking around I noticed that even though amavis is running most of my messages do NOT have headers saying the messages were checked. I tailed my /var/log/zimbra.log grepping for amavis and it seems to be only checking a couple of messages a minute.

Does anyone have any idea what might be going on or maybe be able to head me in the right direction on where to find a problem?

Thanks in advance,

Erik

elinstad · #2 (**permalink**) 08-19-2009, 09:11 AM

After Zimbra Upgrade
===================================

5 Spam ------------------------------------ 0.67%
5 Spam blocked 0.67%

Before Zimbra Upgrade
===================================
936 Spam ------------------------------------ 12.98%
589 Spammy passed 8.17%
347 Spam blocked 4.81%

Anyone?

phoenix · #3 (**permalink**) 08-19-2009, 09:36 AM

You need to post the headers from some spam that's ending up in the users Inbox.

elinstad · #4 (**permalink**) 08-19-2009, 09:54 AM

Return-Path: bruisesog@raypax.com
Received: from dynmail-01-mht.dyndns.com (LHLO dynmail-01-mht.dyndns.com)
(216.146.45.13) by mail.corp.dyndns.com with LMTP; Wed, 19 Aug 2009
12:48:10 -0400 (EDT)
Received: from smtp-01-mht.dyndns.com (smtp-01-mht.dyndns.com [216.146.45.10])
by dynmail-01-mht.dyndns.com (Postfix) with ESMTP id 4067423202E
for <elinstad@dyn-inc.com>; Wed, 19 Aug 2009 12:48:18 -0400 (EDT)
Received: by smtp-01-mht.dyndns.com (Postfix)
id 1F01522DCB4; Wed, 19 Aug 2009 16:51:11 +0000 (UTC)
Delivered-To: elinstad@dyndns.com
Received: from mx1.mailhop.org (mxout-183-ewr.mailhop.org [216.146.33.183])
by smtp-01-mht.dyndns.com (Postfix) with ESMTP id 1756D22DCB1
for <elinstad@dyndns.com>; Wed, 19 Aug 2009 16:51:10 +0000 (UTC)
Received: from scan-32-ewr.mailhop.org (scan-32-ewr.local [10.0.141.238])
by mx1.mailhop.org (Postfix) with ESMTP id 75F6D6FD92F
for <elinstad@dyndns.com>; Wed, 19 Aug 2009 16:50:29 +0000 (UTC)
X-Mail-Handler: MailHop by DynDNS
X-Originating-IP: 200.138.47.16
Received: from 200-138-47-16.ctame705.dsl.brasiltelecom.net.br (200-138-47-16.ctame705.dsl.brasiltelecom.net.br [200.138.47.16])
by mx1.mailhop.org (Postfix) with ESMTP id C8A466FD8EE;
Wed, 19 Aug 2009 16:50:28 +0000 (UTC)
Received: from 200.138.47.16 by spamfilter1.speedhosting.co.kr; Wed, 19 Aug 2009 13:49:48 -0300
Message-ID: <000d01ca20ed$102ad160$6400a8c0@bruisesog>
From: "Guadalupe Drake" <bruisesog@raypax.com>
To: <elinstad@dyndns.com>
Subject: Light up the fire!
Date: Wed, 19 Aug 2009 13:49:48 -0300
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0007_01CA20ED.102AD160"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.2180
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2180

phoenix · #5 (**permalink**) 08-19-2009, 10:25 AM

Are you using the DynDNS Mailhop service? Have you added any of their server IPs to your Trusted Networks? Have you whitelisted any of there server IPs?

elinstad · #6 (**permalink**) 08-19-2009, 10:27 AM

We are using the mailhop service as our BackupMX. I have not whitelisted any of the IP address'

phoenix · #7 (**permalink**) 08-19-2009, 10:29 AM

Quote:

Originally Posted by elinstad

We are using the mailhop service as our BackupMX. I have not whitelisted any of the IP address'

Have you added any of their IPs to your Trusted Networks?

elinstad · #8 (**permalink**) 08-19-2009, 10:37 AM

I have not done that either.

elinstad · #9 (**permalink**) 08-19-2009, 10:52 AM

Shouldn't amavis be checking every message and adding some headers to the message, whether or not the message is spam? Here is a message I sent from my gmail to my zimbra system address and there is no X headers from amavis.

Code:

Return-Path: my@gmail.com
Received: from dynmail-01-mht.dyndns.com (LHLO dynmail-01-mht.dyndns.com)
 (216.146.45.13) by mail.corp.dyndns.com with LMTP; Wed, 19 Aug 2009
 13:46:18 -0400 (EDT)
Received: from mail-ew0-f224.google.com (mail-ew0-f224.google.com [209.85.219.224])
	by dynmail-01-mht.dyndns.com (Postfix) with ESMTP id CECA923202E
	for <elinstad@dyn.com>; Wed, 19 Aug 2009 13:46:25 -0400 (EDT)
Received: by ewy24 with SMTP id 24so4294627ewy.47
        for <elinstad@dyn.com>; Wed, 19 Aug 2009 10:48:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=gamma;
        h=domainkey-signature:mime-version:received:from:date:message-id
         :subject:to:content-type;
        bh=3TcFa0GpphHrg4jbWviloeFLO2UmCwcO7WzZS6iPo1c=;
        b=ES4TFRG2S2Xu4Q2d/u3+z5ADfYkwZLQF30cUXN3sqHdQuOpbvkQUeDJ14z7g3C6Yf3
         JaIEvY/Z4YOvlgFzRIBgLX97u+Cwu/8OpTKysuSB22AB3mUTqCU6cv/2chzjfIOUrTxA
         8jtdNh2QeWsMFbJqYyQmpo4oK6u2yhv6hP8jU=
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=gamma;
        h=mime-version:from:date:message-id:subject:to:content-type;
        b=mH0yDkAOoG/ya4lXM8DZvmzFX7E+iKOmKsxY0qBstvf4vqxFhCA98rcaQu4etOU3E2
         M4bVq4tmw5zMP/FDUP/uxql3c3hlyn2NCwiTfT5+LSYtzaN82MIUtLcGYbgCDe71IS+a
         NqL9fk5xR1CJEPRNv9OHnMADwFaUCBm6B4vUc=
MIME-Version: 1.0
Received: by 10.210.16.11 with SMTP id 11mr6061151ebp.50.1250704117212; Wed, 
	19 Aug 2009 10:48:37 -0700 (PDT)

Zimbra

Downloads

Product Information

Toolbox

Why Join?