From what I can tell, Zimbra has spam filtering mostly based on Spamassassin and also some RBL support (although it appears to me that one can select RBLs only from a specified shortlist). I also believe that it will verify that the sender's domain name against its IP address before allowing a connection (but I am not certain of this). Are any of the following measures supported?
Detecting directory harvest attempts and either denying or delaying connections from the offending server;
Ability to delay replies to SMTP handshake;
Ability to block or delay excessive or excessive cuncurrent connections from SMTP servers;
Blocking messages that contain URLs linking to hosts listed in selected RBL (although I think Spamassassin uses this to score emails);
Configurable filtering by content or address.
Also, will there be a GUI for configuring the RBLs?