I am posting this under "installation" since I could not find a more focused topic like "security"...

The Zimbra server is by default an open relay for trusted networks.

In my setup there is a webserver in the trusted network that is using Zimbra as a relay server. For that the webserver uses mostly the PHP mail() function. It is difficult to ensure that the scripts will *never* be abused so I want to focus on securing the mail server as much as possible.

The question: is it possible to spam filter the messages that are being offered for relay? If any script would get hacked on the webserver the email server would block the spam from being sent out.