Results 1 to 1 of 1

Thread: Assistance with SpamAssassin

  1. #1
    jclark1968 is offline Beginner Member
    Join Date
    Jul 2014
    Posts
    1
    Rep Power
    1

    Default Assistance with SpamAssassin

    Hi,

    We have been running with an out of the box ZCS 8.0.1_GA_5438.FOS solution for a couple of years now, we no major hiccups or incidents. Our solution is very lightweight whereby ZCS acts as an inbound/outbound email gateway for our Service Desk offering, our customers are provided with a email address to which they can send emails to, on receipt of the inbound email our Service Desk tool will poll the mailbox and then turn these emails into incidents or requests, the original email is then deleted from ZCS. Similarly for outbound notifications our Service Desk tool will connect to ZCS and send out notifications etc.

    One of our customers has logged an issue whereby they have received what looks like a SPAM email which has been turned into a Incident ticket, so it would appear that ZCS has not intercepted this message.

    Unfortunately as the email not longer exists I am unable to look at the headers, the body of the received email was:

    Sender: anacla_ramos@yahoo.com.br
    Subject: testa esse no seu site, é grátis
    Body: Oi, neste link você encontra o sistema de atendimento online por chat que você pediu, pra colocar no seu site. É 100% de graça. E é bom. Bastante completo e facinho, não precisa manjar nada: Xampei - Atendimento Online Gr?tis para Sites - Faz o teste e vê se gosta. Bitocas.

    On analyzing the zimbra and mail log I could not see anything amiss, the only exception being a line that read:

    mail amavis[8432]: (08432-20) Passed BAD-HEADER-2 {RelayedInbound,Quarantined}, [213.199.154.13]:11211 [208.75.253.178] <anacla_ramos@yahoo.com.br> -> <xxx.xxx@xxx.com>, quarantine: badh-qjNxVjHnAq0I, Queue-ID: 863394A6F, Message-ID: <20140715-11321728-e4c@fa222>, mail_id: qjNxVjHnAq0I

    I can only assume that because the locale was br_PT it contained invalid non-encoded 8-bit characters in the headers?

    My planned remediation was to set-up a blacklist entry for the yahoo.com.br domain assuming that the customer was happy for this and that they aren't expecting to receive any emails from this domain.

    Does anyone have any thoughts on my ZCS would have missed this email and whether mt remediation is the correct approach?

    I have attached the zimbra and mail.logs

    Many thanks for any advice and guidance received.

    Regards Jon
    Attached Files Attached Files

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Similar Threads

  1. Assistance configuring inbound MTA
    By mark.d.henning in forum Installation
    Replies: 4
    Last Post: 08-19-2010, 08:45 PM
  2. Migration Assistance
    By dwill in forum Administrators
    Replies: 10
    Last Post: 12-02-2008, 08:20 AM
  3. Some setup assistance?
    By zeeman in forum Installation
    Replies: 2
    Last Post: 06-06-2008, 11:15 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •