Zimbra offers Open Source email server software and shared calendar for Linux and the Mac
Go Back   Zimbra :: Forums > Zimbra Collaboration Suite > Administrators
Reload this Page email to myself as SPAM

Welcome to the Zimbra :: Forums!
Welcome, if you would like to post a comment please register. We also encourage you to explore all things Zimbra with our team and members of the community.

Reply
 
LinkBack Thread Tools Search this Thread Display Modes
  #1 (permalink)  
Old 10-21-2010, 02:53 AM
Intermediate Member
  
Posts: 16
Default email to myself as SPAM
Hi there,
recently updated to server version 6.0.8 Network.
Something went wrong with the SPAM control.

If I send email to myself it gets delivered as SPAM. And also from/to certain addresses on our same domain.
This is an example taken from a message header:

X-Spam-Flag: YES
X-Spam-Score: 6.533
X-Spam-Level: ******
X-Spam-Status: Yes, score=6.533 tagged_above=-10 required=5
tests=[HTML_IMAGE_ONLY_16=1.092, HTML_MESSAGE=0.001,
HTML_SHORT_LINK_IMG_2=0.001, RCVD_IN_PBL=3.335, RCVD_IN_RP_RNBL=1.31,
RCVD_IN_SORBS_DUL=0.001, RDNS_NONE=0.793] autolearn=no

I checked RCVD_IN_PBL and it's related to Spamhaus.
I checked Spamhaus and our server IP is not blacklisted.

Any suggestion on how to fix this?
Any suggestion on how to avoid this every time we upgrade, if it is in any way related to it?

Really appreciate your help.
Reply With Quote
  #2 (permalink)  
Old 10-21-2010, 03:08 AM
Zimbra Consultant & Moderator
  
Posts: 20,313
Default
Quote:
Originally Posted by rromei View Post
Any suggestion on how to fix this?
Did you send this message from an IP other than your local LAN (I'm assuming you did because of the spam pbl response)?


Any suggestion on how to avoid this every time we upgrade, if it is in any way related to it?[/QUOTE]This isn't specifically an upgrade problem and the Spamhaus PBL isn't specifically a blacklist, here's a quote from the FAQ:

Quote:
The Spamhaus PBL is a DNSBL database of end-user IP address ranges which should not be delivering unauthenticated SMTP email to any Internet mail server except those provided for specifically by an ISP for that customer's use. The PBL helps networks enforce their Acceptable Use Policy for dynamic and non-MTA customer IP ranges.
Did you specifically check the Spamhaus PBL? Enter the IP address that you sent the email from into this checker: DNSBL Information - Spam Database Lookup Do you get a hit?

Do you also have the "Add X-Originating-IP to messages" option checked in the Admin UI? If you disable that does the problem go away?
__________________
Regards


Bill
Reply With Quote
  #3 (permalink)  
Old 10-21-2010, 03:26 AM
Intermediate Member
  
Posts: 16
Default
Quote:
Originally Posted by phoenix View Post
...
Did you specifically check the Spamhaus PBL? Enter the IP address that you sent the email from into this checker: DNSBL Information - Spam Database Lookup Do you get a hit?
Yes I did and no, my server is not blacklisted.

Quote:
Originally Posted by phoenix View Post
...
Do you also have the "Add X-Originating-IP to messages" option checked in the Admin UI? If you disable that does the problem go away?
I just took it off, send an email to myself. No delivery (scary!).
I put it back. Delivery is now normal (no SPAM).

To send email to myself I use the Zimbra Web Client. Shouldn't that look like an email originating from the server IP itself?

...cont
Reply With Quote
  #4 (permalink)  
Old 10-21-2010, 03:46 AM
Intermediate Member
  
Posts: 16
Default
Quote:
Originally Posted by rromei View Post
To send email to myself I use the Zimbra Web Client. Shouldn't that look like an email originating from the server IP itself?

...cont
Oh but yes, of course the X-Originating-IP shows my ISP assigned router public address...
Reply With Quote
  #5 (permalink)  
Old 10-21-2010, 04:36 AM
Zimbra Consultant & Moderator
  
Posts: 20,313
Default
Quote:
Originally Posted by rromei View Post
Oh but yes, of course the X-Originating-IP shows my ISP assigned router public address...
If you uncheck the X-Originating-IP then that header will not appear in your email, you will see your public IP address in the email headers (even with X-Originating-IP option set) and enabling or disabling the X-Originating-IP option should not have any effect on mail delivery.
__________________
Regards


Bill
Reply With Quote
  #6 (permalink)  
Old 10-21-2010, 04:41 AM
Intermediate Member
  
Posts: 16
Default
Quote:
Originally Posted by phoenix View Post
If you uncheck the X-Originating-IP then that header will not appear in your email, you will see your public IP address in the email headers (even with X-Originating-IP option set) and enabling or disabling the X-Originating-IP option should not have any effect on mail delivery.
Phoenix, your tips were very helpfull.

I've got the troubleshoot done and it was this:
My router ISP assigned IP went into the Spamhaus blacklist. I'll figure out why, since it's a national ISP in France and I'm not running any SMTP or having malware sapmming from my IP...
Having my X-Originating-IP in the message was triggering the SPAM flags.

In the meantime we whitelisted *@<our_domain> in SpamAssassin.
That will open to people sending forging our mail server though.

Compromises...
Reply With Quote
  #7 (permalink)  
Old 10-22-2010, 11:28 AM
Moderator
  
Posts: 1,432
Default
More background on this: Bug 44384 - Bypass SA for emails sent from internal ZWC users (or provide a way to score them)
__________________
Elliot Wilen
Berkeley, CA

Don't forget to enter your Zimbra version in your forum profile.
Reply With Quote
Reply

« Previous Thread | Today's Posts or Week's Posts | Next Thread »

Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes
Linear Mode Linear Mode


Similar Threads

Product Information

Why Join?

Registering let's you ask questions, makes it easier to search, displays any files attached to posts, and notifies you about replies.

blog.zimbra.com


Home - Blog - Contact Us - Archive - Top


 

SEO by vBSEO ©2011, Crawlability, Inc.