I have been trying to have Zimbra reject any mail from one particular spammer's IP (72.248.133.133), from where we receive close to 100 messages a day, but haven't had much luck so far. This is somehow not listed on any of the RBLs we use (see below).

The spammer keeps changing the DNS A and MX records daily, but the IP is the same... so far.

Here's what I tried -
1. Created an access file /opt/zimbra/conf/maps/access with the first three octets of the reject IP
Code:
72.248.133      554
2. Ran postmap to create the hash db
Code:
postmap /opt/zimbra/conf/maps/access
3. Then ran the following to update the zimbra config (see last line)
Code:
zmprov mcf \
zimbraMtaRestriction reject_invalid_hostname \
zimbraMtaRestriction reject_non_fqdn_hostname \
zimbraMtaRestriction reject_non_fqdn_sender \
zimbraMtaRestriction reject_unknown_sender_domain \
zimbraMtaRestriction "reject_rbl_client dnsbl.njabl.org" \
zimbraMtaRestriction "reject_rbl_client cbl.abuseat.org" \
zimbraMtaRestriction "reject_rbl_client bl.spamcop.net" \
zimbraMtaRestriction "reject_rbl_client dnsbl.sorbs.net" \
zimbraMtaRestriction "reject_rbl_client sbl.spamhaus.org" \
zimbraMtaRestriction "reject_rbl_client relays.mail-abuse.org" \
zimbraMtaRestriction "check_client_access hash:/opt/zimbra/conf/maps/client_access"
Zimbra is still not rejecting the client IP starting with 72.248.133, and the logs show mails being accepted.

Upon looking into /opt/zimbra/postfix/conf/main.cf, I see all of the restrictions added, except the check_client_access restriction.

Should I be adding this manually to the main.cf file? But that will get overwritten if I run a zmprov mcf command later.

Any help is greatly appreciated!