Results 1 to 5 of 5

Thread: Is the anti-spam system misconfigured?

  1. #1
    Join Date
    Mar 2008
    Rep Power

    Default Is the anti-spam system misconfigured?

    Zimbra 7.1.1 on CentOS 5.6

    I've noticed there are a few legitimate clients of mine that cannot send me mail as they are continually being dropped into the spam folders. From what I can see from the message headers, instead of blocking based on the IP of their SMTP server, Zimbra is analyzing their ISP IP Address and blocking based on a high score for the ISP's poor reputation and dynamic IP entries in blacklists.

    This is causing serious problems for me, and I would imagine others. If I am correct, the proper method for spam filtering is to block based on SMTP server reputation, not on the ISP a sender subscribes to. Further, in research it would seem that it is against RFC's for the sender and/or their SMTP server provider to hide the initial connection.

    To make matters worse, I cannot seem to find a way to stop Zimbra from blocking these clients. I continually remove them marking them as not spam however that seems to have 0 effect. There also does not seem to be any way to have a filter that goes through the spam folder to automatically detect these emails and mark them as not spam (thus returning them to the inbox).

    Is anyone else having these issues? The most common ISP creating this situation is Verizon (example:


  2. #2
    Join Date
    Oct 2005
    USA, Canada and India
    Rep Power


    post the real Email Header here so we can point out what rule is triggering this in spamassasin so you can remove it or disable it

    i2k2 Networks
    Dedicated & Shared Zimbra Hosting Provider

  3. #3
    Join Date
    Mar 2008
    Rep Power


    If you look at these:
    DOS_OUTLOOK_TO_MX=2.845 #Not sure why this is triggering

    FH_HOST_EQ_VERIZON_P=1.323 #Verizon user being punished for chosing Verizon as an ISP even though they're not using a Verizon SMTP server.

    RCVD_IN_PBL=3.335 #Verizon dynamic IP's are listed here. Again, this is not the SMTP server responsible for the mail so again the message is inappropriately receiving a bad score.

    RCVD_IN_RP_RNBL=1.31 # Same as above

    Received: from (LHLO
     ( by with LMTP; Fri, 15 Jul 2011
     14:37:57 -0700 (PDT)
    Received: from localhost (localhost.localdomain [])
    	by (Postfix) with ESMTP id 7145828F095C;
    	Fri, 15 Jul 2011 14:37:57 -0700 (PDT)
    X-Virus-Scanned: amavisd-new at
    X-Spam-Flag: YES
    X-Spam-Score: 10.598
    X-Spam-Level: **********
    X-Spam-Status: Yes, score=10.598 tagged_above=-10 required=8
    	tests=[BAYES_50=0.8, DOS_OUTLOOK_TO_MX=2.845,
    	HELO_NO_DOMAIN=0.001, RCVD_IN_PBL=3.335, RCVD_IN_RP_RNBL=1.31,
    	RCVD_IN_SORBS_DUL=0.001, RDNS_DYNAMIC=0.982] autolearn=no
    Received: from ([])
    	by localhost ( []) (amavisd-new, port 10024)
    	with ESMTP id 8Cyx9BfRMboI; Fri, 15 Jul 2011 14:37:57 -0700 (PDT)
    Received: from ( [])
    	by (Postfix) with ESMTPS id 112CC28F067B
    	for <>; Fri, 15 Jul 2011 14:37:57 -0700 (PDT)
    Received: from D9PM8LH1 ( [])
    	by (8.13.8/8.13.8) with ESMTP id p6FLcHrH004974
    	for <>; Fri, 15 Jul 2011 14:38:17 -0700
    From: "SCOTTY" <>
    To: "'MYCOMPANY Support'" <>
    References: <000f01cc4191$a497b1d0$edc71570$@com> <>
    In-Reply-To: <>
    Subject: RE: [#207097] email and collaboration
    Date: Fri, 15 Jul 2011 16:37:51 -0500
    Message-ID: <006c01cc4337$761d0f60$62572e20$@com>
    MIME-Version: 1.0
    Content-Type: text/plain;
    Content-Transfer-Encoding: quoted-printable
    X-Mailer: Microsoft Office Outlook 12.0
    Thread-Index: AcxCb+1766BRNF9jSeuzrMtYBQpPKwAxQi7Q
    Content-Language: en-us

  4. #4
    Join Date
    May 2011
    Rep Power

    Default Global whitelist

    Can you whitelist the sender or senders domain? This has worked for me on Zimbra and our old webmail server.

    The whitelist bypasses filters


  5. #5
    Join Date
    Mar 2008
    Rep Power


    I was able to patch the problem using the info here:
    Last edited by rotorboy; 09-14-2011 at 10:25 AM. Reason: typo

Similar Threads

  1. Help mail server broadcast spam
    By sh1n_b3 in forum Administrators
    Replies: 0
    Last Post: 01-19-2011, 06:44 PM
  2. Zimbra spam system
    By rajahd in forum Administrators
    Replies: 9
    Last Post: 04-16-2008, 07:25 PM
  3. Replies: 3
    Last Post: 04-15-2008, 06:38 AM
  4. [SOLVED] Mailserver down when send file attach of 50Mb
    By ZMilton in forum Administrators
    Replies: 20
    Last Post: 04-10-2008, 11:44 AM
  5. Anti Spam and 4.5.10 Upgrade question
    By dlochart in forum Administrators
    Replies: 1
    Last Post: 12-17-2007, 02:14 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts