I am currently managing an install of the opensource edition of Zimrba. Over recent months we have seen a huge increase in the number of relay attempts on our systems from known botnet's. If I look at the statistics a year ago we used to get between 1000-2000 per day.. now we are getting that many attempted relays in less than 10 minutes.. Because we have a report that everyone see's every day its come to peoples attention. I know an easy way for me to fix the problem is to put the RBL checks higher in the order so that it blocks the connection sooner... The problems is that I am unsure of exactly how that would affect the overall zimbra install. I need to make sure that its going to continue working correctly.
Is there any advice on this area of the rbl management for zimbra's mta?