Results 1 to 9 of 9

Thread: [SOLVED] Mail sent using Webmail marked as Spam (RCVD_IN_XBL)

  1. #1
    Join Date
    Nov 2009
    Location
    Austria
    Posts
    9
    Rep Power
    6

    Default [SOLVED] Mail sent using Webmail marked as Spam (RCVD_IN_XBL)

    Hello!

    A collegue of mine is using only the webinterface for sending mails. since she is @homeoffice today (some dynamic IP), all her mails are marked as spam due to RCVD_IN_XBL:

    Code:
    X-Spam-Status: Yes, score=6.804 tagged_above=-10 required=6.6
    	tests=[AWL=0.186, BAYES_50=0.001, RCVD_IN_BL_SPAMCOP_NET=1.96, 
    	RCVD_IN_PBL=0.905, RCVD_IN_SORBS_WEB=0.619, RCVD_IN_XBL=3.033, RDNS_NONE=0.1] 
    	autolearn=no
    how comes RCVD_IN_XBL triggers although the message never left the server? th X-Originating-IP seems to be the cause, but why does this matter in this case? this does not happen to other users accessing the frontend using eg static IPs. and how can I fix this?

    thanks in advance

    Elco

    PS: (we are running 6.0.0 currently, upgrade to 6.0.4 coming this weekend)
    Last edited by ElCondor; 01-07-2010 at 02:49 AM.

  2. #2
    Join Date
    Jun 2009
    Location
    Hamburg, Germany
    Posts
    22
    Rep Power
    6

    Default

    I have the same problem, some colleague working from home with a dynIP as well, but using Outlook, not the web interface.

    I could whitelist that user, so at least internal mails would come through again, but I think sending mails to other mail servers would end up in spam as well, right?

    Code:
    X-Spam-Status: Yes, score=4.412 tagged_above=-10 required=3 tests=[AWL=1.596,
    	BAYES_00=-2.599, DYN_RDNS_SHORT_HELO_HTML=0.499, HTML_MESSAGE=0.001,
    	RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RCVD_IN_XBL=3.033,	RDNS_DYNAMIC=0.1]

  3. #3
    Join Date
    Nov 2006
    Location
    UK
    Posts
    8,017
    Rep Power
    25

    Default

    We would need to see the full headers from one of the emails.

  4. #4
    Join Date
    Feb 2007
    Location
    Massachusetts
    Posts
    136
    Rep Power
    8

    Default

    This is most likely due to X-Originating-Address: <home-IP>

    I had this problem as well. There is a feature to rip that header out, and not get flagged as spam.

    Go to "global settings" in the admin panel and make sure that "Add X-Originating-IP" is unchecked.

    At least that's where it is in 6.0.4, it might be in a slightly different place in earlier versions. I know it did not exist in 5.0.12 or so, but I know that it did in 5.0.18.

    Good luck,
    ~Nutz

  5. #5
    Join Date
    Feb 2007
    Location
    Massachusetts
    Posts
    136
    Rep Power
    8

    Default

    Oh you will have to bounce at least the mta to get this to work, but you may have to bounce the full zimbra service.

    Cheers,
    Nutz

  6. #6
    Join Date
    Nov 2009
    Location
    Austria
    Posts
    9
    Rep Power
    6

    Default

    Quote Originally Posted by Nutz View Post
    This is most likely due to X-Originating-Address: <home-IP>

    I had this problem as well. There is a feature to rip that header out, and not get flagged as spam.

    Go to "global settings" in the admin panel and make sure that "Add X-Originating-IP" is unchecked.
    Thanks a lot, that solved the problem!

  7. #7
    Join Date
    Feb 2007
    Location
    Massachusetts
    Posts
    136
    Rep Power
    8

    Default

    good to hear

  8. #8
    Join Date
    Dec 2007
    Posts
    8
    Rep Power
    7

    Default

    Am I the only one who thinks that this isn't really a solution?

    I have 2 users at the same location. User 1 uses SMTP/IMAP with Mac Mail, User 2 uses the Outlook Connector. User 1 has no problems sending mail, but User 2 was getting mail to internal users going to Junk because of the activation of various RCVD_IN rules based on her dynamic IP address which doesn't have reverse DNS.

    Of course User 1 has the same IP address and lack of reverse DNS but it doesn't seem to be a problem when using authenticated SMTP.

    To "solve" this I have turned off x-originating-ip which I think is a kludge and now makes it harder to trace source IP addresses in other instances.

    Is there a way to make Spamassassin do the right thing?

  9. #9
    Join Date
    Jul 2007
    Posts
    6
    Rep Power
    8

    Default

    I also agree, turning off x-originating-ip isn't the answer. Turning off x-originating-ip corrects the problem with webmail users from their mail getting tagged as spam but creates a host of other problems. What's the proper fix? Or is there one? Whitelisting the user isn't a proper fix either.

Similar Threads

  1. Replies: 7
    Last Post: 02-03-2011, 07:01 AM
  2. Replies: 15
    Last Post: 11-19-2009, 12:16 AM
  3. [SOLVED] mailbox and apache not running
    By rtwick in forum Administrators
    Replies: 4
    Last Post: 11-15-2008, 08:21 AM
  4. zmamavisdctl stopped and won't restart
    By alto in forum Installation
    Replies: 2
    Last Post: 04-18-2008, 01:41 AM
  5. fresh install down may be due to tomcat
    By gon in forum Installation
    Replies: 10
    Last Post: 07-25-2007, 09:09 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •