Results 1 to 5 of 5

Thread: Major SPAM to one account

Hybrid View

  1. #1
    Join Date
    Apr 2008
    Posts
    10
    Rep Power
    7

    Default Major SPAM to one account

    Hello,

    One of the email accounts on our email server is receiving hundreds of SPAM emails per day. In the last two or three weeks, there have been 3000+ SPAM messages. These are all coming to one account - the other email addresses are fine.

    I tried lowering the spam settings, and at one point had them as low as 1 and 10. There were still messages getting into the inbox.

    Where should I look to update spam rules? I downloaded a few SARE rule files into the folder and rebooted, but it doesn't look like much has changed.

    Here are some examples of the SPAM:

    Messages that made it into the inbox:

    Subject: 1,056 Live TV Channels With No Monthly Fee.
    SPAM Header:
    Code:
    X-Spam-Flag: NO
    X-Spam-Score: 0.101
    X-Spam-Level: 
    X-Spam-Status: No, score=0.101 tagged_above=-10 required=2
    	tests=[BAYES_50=0.001, RDNS_NONE=0.1]
    Subject: Final Notice:Lottery Winner...Contact for Claims
    SPAM Header:
    Code:
    X-Spam-Flag: NO
    X-Spam-Score: -1.469
    X-Spam-Level: 
    X-Spam-Status: No, score=-1.469 tagged_above=-10 required=2
    	tests=[BAYES_00=-2.599, DNS_FROM_OPENWHOIS=1.13]
    Subject: Greetings in the name
    SPAM Header:
    Code:
    X-Spam-Flag: NO
    X-Spam-Score: -1.949
    X-Spam-Level: 
    X-Spam-Status: No, score=-1.949 tagged_above=-10 required=2 tests=[AWL=0.650,
    	BAYES_00=-2.599]
    Subject: Kaplan University News
    SPAM Header:
    Code:
    X-Spam-Flag: NO
    X-Spam-Score: 0.102
    X-Spam-Level: 
    X-Spam-Status: No, score=0.102 tagged_above=-10 required=2
    	tests=[BAYES_50=0.001, HTML_MESSAGE=0.001, RDNS_NONE=0.1]
    Messages that came into the Junk folder:

    Subject: [SPAM]Discover the reliable source of cheap and quality drugs.
    SPAM Header:
    Code:
    X-Spam-Flag: YES
    X-Spam-Score: 11.425
    X-Spam-Level: ***********
    X-Spam-Status: Yes, score=11.425 tagged_above=-10 required=2
    	tests=[BAYES_99=3.5, RCVD_IN_BL_SPAMCOP_NET=1.96,
    	RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033, RDNS_NONE=0.1,
    	URIBL_BLACK=1.955]
    Subject: [SPAM]Japanese miracle sheds belly fat.
    SPAM Header:
    Code:
    X-Spam-Flag: YES
    X-Spam-Score: 13.472
    X-Spam-Level: *************
    X-Spam-Status: Yes, score=13.472 tagged_above=-10 required=2
    	tests=[AWL=-1.000, BAYES_99=3.5, FH_XMAIL_RND_833=1,
    	HTML_IMAGE_ONLY_16=1.526, HTML_MESSAGE=0.001,
    	HTML_SHORT_LINK_IMG_2=0.001, MIME_QP_LONG_LINE=1.396,
    	MPART_ALT_DIFF=0.739, RCVD_IN_NJABL_SPAM=2.072, URIBL_OB_SURBL=1.5,
    	URI_UNSUBSCRIBE=2.737]
    Subject: [SPAM]Denied a Bank Account? Second Chance Bank Account
    SPAM Header:
    Code:
    X-Spam-Flag: YES
    X-Spam-Score: 12.138
    X-Spam-Level: ************
    X-Spam-Status: Yes, score=12.138 tagged_above=-10 required=2
    	tests=[AWL=-0.259, BAYES_95=3, FB_TO_STOP_DISTRO=3.096,
    	HTML_IMAGE_ONLY_12=2.46, HTML_IMAGE_RATIO_02=0.383,
    	HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, URIBL_BLACK=1.955,
    	URIBL_JP_SURBL=1.501]
    Subject: [SPAM]Were you a victim of Hurricane Katrina? New Financail Aid is Here
    SPAM Header:
    Code:
    X-Spam-Flag: YES
    X-Spam-Score: 12.51
    X-Spam-Level: ************
    X-Spam-Status: Yes, score=12.51 tagged_above=-10 required=2 tests=[AWL=-0.004,
    	BAYES_99=3.5, FB_TO_STOP_DISTRO=3.096, HTML_IMAGE_ONLY_12=2.46,
    	HTML_MESSAGE=0.001, HTML_SHORT_LINK_IMG_2=0.001, URIBL_BLACK=1.955,
    	URIBL_JP_SURBL=1.501]
    I'd like to stay away from installing additional non-zimbra software packages unless they've been proven stable. I have a really stable system at this point and don't want to break it. I do have to do something about the SPAM though.

    Please offer suggestions. Thanks!

    We are using ZCS 5.0.8 running on Ubuntu 6.06 LTS.

  2. #2
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    These should help out a bit ClamAV - Unofficial Phishing Signatures

  3. #3
    dijichi2 is offline OpenSource Builder & Moderator
    Join Date
    Oct 2005
    Posts
    1,176
    Rep Power
    12

    Default

    add dcc, razor2 and sqlgrey into the mix. they are all 100% stable. sqlgrey in particular should get rid of 99% of your spam.

  4. #4
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    24

    Default

    Policy Daemon is a stable option aswell.

  5. #5
    Join Date
    Apr 2008
    Posts
    10
    Rep Power
    7

    Default

    Do you know of a how-to to get sqlgrey set up properly with zimbra 5?

    Thx

Similar Threads

  1. One account not receving email
    By EnglishDude in forum Administrators
    Replies: 12
    Last Post: 04-30-2010, 06:19 AM
  2. Test Delete Zimbra account coding
    By fsloke in forum Developers
    Replies: 3
    Last Post: 11-14-2008, 07:08 AM
  3. Common mailbox (or mail account) for some users
    By santiago78 in forum Administrators
    Replies: 6
    Last Post: 10-27-2008, 03:32 PM
  4. Compartmentalized groups or locations sharing a domain
    By dstoliker in forum Administrators
    Replies: 5
    Last Post: 07-14-2008, 12:06 PM
  5. Replies: 3
    Last Post: 09-18-2007, 06:55 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •