Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Administrators
Reload this Page User white/black lists & priority of them

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 09-15-2009, 06:24 AM
Elite Member
  
Posts: 337
Exclamation User white/black lists & priority of them
I see in ZCS 6 that user-based white and black lists have been implemented. Will those take priority over the regular built-in spam checkers? Say Zimbra flags something from bob@abc.com as spam, but the recipient has that particular address in their whitelist. Will that piece of mail be delivered?
Reply With Quote
  #2 (permalink)  
Old 09-15-2009, 07:17 AM
Moderator
  
Posts: 6,237
Default
It's mapped to amavis[Whitelist/Blacklist]Sender lookup_tables/sender_maps so it should cover anything in Spamassassin or ClamAV. However if you have an RBL in the MTA (Postfix) that's going to drop it earlier.

~~~

RBL's are possible in both locations. Typically the directions we provide are to set a zimbraMtaRestriction attribute (to save across upgrades) which in turn gets fed into the MTA via postfix_recipient_restrictions.cf > smtpd_recipient_restrictions. Spamassisn can also do rbl checks if skip_rbl_checks is set to 0 (default).

Won't go on as it was discussed back in December:
Quote:
Originally Posted by LMStone View Post
Quote:
Originally Posted by Jbrabander View Post
Ah, sounds good. We did add zen.spamhaus.org to the RBL list under DNS Check in the global settings. I'll have to browse the zimbra.log sometime to see if it's catching anything.

If I understand you right, if I add an RBL (like spamhaus) to the list, Zimbra uses that and not the spamassassin checks. Would that maybe be why my server statistics graphs for AV/AS activity show nothing for activity?
Not exactly...

If you list an RBL in the Zimbra Postfix and a sending server is on the RBL, Postfix will drop the connection.

Whether you do that or not, SpamAssassin will check a number of RBLs, and a positive response from one or more RBLs will add to the email's spam score. If the score is high enough, the email will be blocked or marked as spam.

Spamassassin has no clue as to whether you are doing RBL lookups in Postfix or not.

And even if you are doing RBL lookups in Postfix, it's still a good idea to keep those same RBL lookups in SpamAssassin IMHO.

Another trick is not to use the Postfix RBL lookups at all, but instead do the RBL lookups on a dedicated Postfix box or firewall in front of your Zimbra box. Since a conservative RBL like Spamhaus's Zen list will catch 85% or more of all spam, doing hard RBL blocking before the entire email stream hits your Zimbra server will reduce the load on your Zimbra server by 85% or more.

You are right that if you do the hard RBL blocking in Postfix your statistics will show a pretty clean email stream overall, because the statistics collect only what Amavis does (SpamAssassin and ClamAV), and not what Postfix blocked outright before passing the email stream off to Amavis.

Hope that helps,
Mark
Where a solution to monitor zimbra.log for RBL blocks would be Configuring and Monitoring Postfix DNSBL - Zimbra :: Wiki
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.