Results 1 to 7 of 7

Thread: [SOLVED] Local Domain Users emails tagged SPAM

  1. #1
    owl700 is offline Active Member
    Join Date
    Aug 2007
    Posts
    42
    Rep Power
    8

    Default [SOLVED] Local Domain Users emails tagged SPAM

    How can i explain to Zimbra Spamassasin that it doesn't consider the local domain authenticated users emails as SPAM?

    Release 5.0.2_GA_1975.UBUNTU6 UBUNTU6 FOSS edition
    2.6.15-55-server

    After many years Zimbra 2 week ago had start to consider local domain authenticated users emails as SPAM

    ex. mail send from user1@mydomain.com to user2@mydomain.com is tagged SPAM

    Code:
    Return-Path: user1@mydomain.com
    Received: from 10.0.0.39 (LHLO mail.mydomain.com) (10.0.0.39) by
     mail.mydomain.com with LMTP; Mon, 29 Mar 2010 11:52:05 +0200 (CEST)
    Received: from localhost (localhost [127.0.0.1])
    	by mail.mydomain.com (Postfix) with ESMTP id 4339D1E01D5;
    	Mon, 29 Mar 2010 11:52:05 +0200 (CEST)
    X-Virus-Scanned: amavisd-new at 
    X-Spam-Flag: YES
    X-Spam-Score: 7.536
    X-Spam-Level: *******
    X-Spam-Status: Yes, score=7.536 tagged_above=-10 required=6.6
    	tests=[BAYES_50=0.001, DNS_FROM_OPENWHOIS=1.13,
    	FH_DATE_PAST_20XX=3.188, FORGED_MUA_OUTLOOK=3.116, HTML_MESSAGE=0.001,
    	RDNS_NONE=0.1]
    Received: from mail.mydomain.com ([127.0.0.1])
    	by localhost (mail.mydomain.com [127.0.0.1]) (amavisd-new, port 10024)
    	with ESMTP id dQ28S5ZVUAt9; Mon, 29 Mar 2010 11:52:04 +0200 (CEST)
    Received: from client (unknown [192.168.0.245])
    	by mail.mydomain.com (Postfix) with ESMTP id E7CA41E01D4
    	for <user2@mydomain.com>; Mon, 29 Mar 2010 11:52:04 +0200 (CEST)
    Message-ID: <ED81A82F4319412B8524A5912BD6486B@mydomain.com>
    From: "User1" <user1@mydomain.com>
    To: "User2" <user2@mydomain.com>
    Subject: ***SPAM***test
    Date: Mon, 29 Mar 2010 11:52:04 +0200
    MIME-Version: 1.0
    Content-Type: multipart/alternative;
    	boundary="----=_NextPart_000_00F0_01CACF36.40586940"
    X-Priority: 3
    X-MSMail-Priority: Normal
    X-Mailer: Microsoft Outlook Express 6.00.3790.4548
    X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4325
    I have tried to use whitelist_from in salocal.cf.in but this also accept fake emails

    Code:
    # This is the right place to customize your installation of SpamAssassin.
    #
    # See 'perldoc Mail::SpamAssassin::Conf' for details of what can be
    # tweaked.
    #
    ###########################################################################
    #
    # rewrite_header Subject *****SPAM*****
    # report_safe 1
    # trusted_networks 212.17.35.
    # lock_method flock
    
    header DSPAM_SPAM X-DSPAM-Result =~ /^Spam$/
    describe DSPAM_SPAM DSPAM claims it is spam
    score DSPAM_SPAM 1.5
    
    header DSPAM_HAM X-DSPAM-Result =~ /^Innocent$/
    describe DSPAM_HAM DSPAM claims it is ham
    score DSPAM_HAM -0.5
    
    %%uncomment VAR:zimbraMtaMyNetworks%%trusted_networks %%zimbraMtaMyNetworks%%
    
    trusted_networks 127.0.0.0/8 10.0.0.0/24 192.168.0.0/24 192.168.1.0/24
    internal_networks 127.0.0.0/8 10.0.0.0/24 192.168.0.0/24 192.168.1.0/24
    
    rewrite_header Subject *SPAM* _STARS(*)_
    bayes_auto_learn 1
    bayes_min_spam_num 60
    bayes_min_ham_num 60
    clear_headers
    add_header spam Flag _YESNOCAPS_
    add_header all Status _YESNO_, score=_SCORE_ required=_REQD_ tests=_TESTS_ autolearn=_AUTOLEARN_ version=_VERSION_
    add_header all Level _STARS(*)_
    add_header all Checker-Version SpamAssassin _VERSION_ (_SUBVERSION_) on _HOSTNAME
    
    ###########
    whitelist_from *@mydomain.com
    ###########
    After i have removed whitelist_from *@mydomain.com and tried whitelist_from_rcvd (only on my personal email) but with no results, is this correct for my purposes?

    Code:
    ###########
    whitelist_from always_valid_email@mydomain.com (i need to consider always valid this email)
    whitelist_from_rcvd my_personal_email@mydomain.com mydomain.com
    ###########
    Zimbra Postfix have disabled MTA reverse DNS check and other DNS checks, i can't enable it or enable postgrey ect. due to company policies

    Restrictions enabled
    zimbraMtaRestriction: reject_invalid_hostname
    zimbraMtaRestriction: reject_non_fqdn_hostname
    zimbraMtaRestriction: reject_non_fqdn_sender

  2. #2
    owl700 is offline Active Member
    Join Date
    Aug 2007
    Posts
    42
    Rep Power
    8

    Default

    Is this the problem solution?

    Some emails go into Junk

  3. #3
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Yes and also search the forums for DNS_FROM_OPENWHOIS.

  4. #4
    owl700 is offline Active Member
    Join Date
    Aug 2007
    Posts
    42
    Rep Power
    8

    Default

    Thanks very much

  5. #5
    owl700 is offline Active Member
    Join Date
    Aug 2007
    Posts
    42
    Rep Power
    8

    Default

    Ok, i have added score FH_DATE_PAST_20XX 0.0 to salocal.cf.in and removed all whitelist_from and whitelist_from_rcvd, is that right?

  6. #6
    uxbod's Avatar
    uxbod is offline Moderator
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    That will override the rule completely. Remove the score update you have just added and change /opt/zimbra/conf/spamassassin/72_active.cf. Look for the rule and change to the following
    Code:
    ##{ FH_DATE_PAST_20XX
    header   FH_DATE_PAST_20XX  Date =~ /20[2-9][0-9]/ [if-unset: 2006]
    describe FH_DATE_PAST_20XX  The date is grossly in the future.
    ##} FH_DATE_PAST_20XX
    You will then need to instruct Amavis to use the change
    Code:
    su - zimbra
    zmamavisdctl stop ; zmamavisdctl start

  7. #7
    owl700 is offline Active Member
    Join Date
    Aug 2007
    Posts
    42
    Rep Power
    8

    Default

    Solved! Thank you

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. [SOLVED] Restrict some users to send outer domain mails
    By jayarajmohan in forum Administrators
    Replies: 8
    Last Post: 07-16-2013, 06:37 AM
  2. Zimbra fails after working for 2 weeks
    By Linsys in forum Administrators
    Replies: 10
    Last Post: 10-07-2008, 12:42 AM
  3. Users receiving copies of other user's spam?
    By thunder04 in forum Administrators
    Replies: 5
    Last Post: 07-29-2008, 11:50 PM
  4. Spam filter, server wide or per domain?
    By quietas in forum Administrators
    Replies: 3
    Last Post: 07-28-2008, 08:31 AM
  5. Replies: 5
    Last Post: 06-18-2008, 01:50 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •