Results 1 to 7 of 7

Thread: Daily mail report going to Spam ?!

  1. #1
    briceb is offline Intermediate Member
    Join Date
    Apr 2010
    Posts
    23
    Rep Power
    5

    Default Daily mail report going to Spam ?!

    Hi,

    Why would the Daily mail report go to the Junk folder ?

    I upgraded to 6.0.7 on Friday and this just happened today for some reason, but taking a look at the previous days the spam score was almost high enough to put those in that folder as well..

    Here is the Spam Status :

    X-Spam-Status: Yes, score=5.01 tagged_above=-10 required=5
    tests=[ALL_TRUSTED=-1, BAYES_00=-1.9, IP_LINK_PLUS=0.012,
    NORMAL_HTTP_TO_IP=0.001, NUMERIC_HTTP_ADDR=1.242,
    T_RP_MATCHES_RCVD=-0.01, T_URIBL_BLACK_OVERLAP=0.01,
    URIBL_BLACK=1.725, URIBL_DBL_SPAM=1.7, URIBL_WS_SURBL=1.608,
    URI_HEX=1.122, URI_NOVOWEL=0.5] autolearn=no

    Please advise ! Thanks!

  2. #2
    ewilen's Avatar
    ewilen is offline Moderator
    Join Date
    Jun 2008
    Location
    Berkeley, CA
    Posts
    1,474
    Rep Power
    8

    Default

    What seems to be going on is, SA changed its scores--whether between versions or simply in the normal course of score updates (i.e. what you'd see if you ran sa_update).

    Here's what the same field on my last daily mail report looks like:

    X-Spam-Status: No, score=-1.34 tagged_above=-10 required=4.4 tests=[ALL_TRUSTED=-1.8, AWL=-1.267, BAYES_00=-2.599, NORMAL_HTTP_TO_IP=0.001, NUMERIC_HTTP_ADDR=0.001, URIBL_BLACK=1.955, URIBL_WS_SURBL=1.5, URI_HEX=0.368, URI_NOVOWEL=0.5, WEIRD_PORT=0.001] autolearn=no

    Here are some major differences between my 6.0.6 and your 6.0.7 scores:

    ALL_TRUSTED -1.8 -1
    BAYES_00 -2.599 -1.9
    NUMERIC_HTTP_ADDR 0.001 1.242

    Some others either don't exist on both emails or they're relatively small differences.

    I'll bet you can work around this short-term by creating a whitelisting in the administrator account--just whitelist admin@<yourserver>.

  3. #3
    briceb is offline Intermediate Member
    Join Date
    Apr 2010
    Posts
    23
    Rep Power
    5

    Default

    Hi Elliot,

    First thank you for your answer, it's nice to understand where the issue is coming from.

    Now, shouldn't it be considered as a bug? I mean a system message going to the Junk folder.. isn't it more than enough to say it's a bug if there's no misconfiguration from the system administrator?

    Voted for 44384..

  4. #4
    ewilen's Avatar
    ewilen is offline Moderator
    Join Date
    Jun 2008
    Location
    Berkeley, CA
    Posts
    1,474
    Rep Power
    8

    Default

    Yeah, I guess. Basically the positive scoring is because of all the spam-like urls in the daily mail report. Aside from simply skipping SA (which might be hard) or making a whitelist entry (which will let some forged-address spam through), what could be done is to create an SA rule that scores a high negative on some text that's unique to the report.

    Anyway, no harm making a bug report. You could reference this thread. Please put the bug number here so other folks can track and vote for it.

  5. #5
    LMStone's Avatar
    LMStone is offline Moderator
    Join Date
    Sep 2006
    Location
    477 Congress Street | Portland, ME 04101
    Posts
    1,366
    Rep Power
    10

    Default

    We've seen this so many times before that we now use the "BFI" method to "fix" this (Brute Force and Ignorance...)

    We just add the Daily Mail Report sending email address to /opt/zimbra/conf/amavid.conf.in and pre-scrore it with -10.0. See the last entry in the whitelist section below for example:

    Code:
         <snip>
         'owner-technews@postel.acm.org'          => -3.0,
         'ietf-123-owner@loki.ietf.org'           => -3.0,
         'cvs-commits-list-admin@gnome.org'       => -3.0,
         'rt-users-admin@lists.fsck.com'          => -3.0,
         'clp-request@comp.nus.edu.sg'            => -3.0,
         'surveys-errors@lists.nua.ie'            => -3.0,
         'emailnews@genomeweb.com'                => -5.0,
         'yahoo-dev-null@yahoo-inc.com'           => -3.0,
         'returns.groups.yahoo.com'               => -3.0,
         'clusternews@linuxnetworx.com'           => -3.0,
         lc('lvs-users-admin@LinuxVirtualServer.org')    => -3.0,
         lc('owner-textbreakingnews@CNNIMAIL12.CNN.COM') => -5.0,
         'zimbra@malbec.reliablenetworks.com'     => -10.0, 
    
         # soft-blacklisting (positive score)
         'sender@example.net'                     =>  3.0,
         '.example.net'                           =>  1.0,
         <snip>
    This needs to be redone after every ZCS upgrade, but it's easy, quick and it just works.

    Hope that helps,
    Mark

  6. #6
    moyasolutions is offline Starter Member
    Join Date
    Aug 2009
    Posts
    1
    Rep Power
    5

    Default 6.07 local domains going to spam

    Ever since the upgrade 6.07 our when our users email each other their emails are going to junk. how can we fix this?

  7. #7
    ewilen's Avatar
    ewilen is offline Moderator
    Join Date
    Jun 2008
    Location
    Berkeley, CA
    Posts
    1,474
    Rep Power
    8

    Default

    Please open a separate thread and then post some headers.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Problems with port 25
    By yogiman in forum Installation
    Replies: 57
    Last Post: 06-13-2011, 01:55 PM
  2. Daily Mail Report being marked SPAM once a month...
    By natrixgli in forum Administrators
    Replies: 8
    Last Post: 03-28-2011, 06:02 PM
  3. [SOLVED] Zimbra don't work - zmmailboxd
    By dmalherbe in forum Administrators
    Replies: 10
    Last Post: 11-20-2008, 10:05 AM
  4. Seeming variety of problems on suse-9.1
    By Crexis in forum Installation
    Replies: 52
    Last Post: 03-04-2006, 12:19 AM
  5. receiveing mail
    By maybethistime in forum Administrators
    Replies: 15
    Last Post: 12-09-2005, 04:55 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •