We've started to receive some targeted phishing messages, and most recently they have been spoofing email accounts that are "@ourdomain.com". This is causing these messages to NOT be spam checked. We are running Zimbra 8.0.2.
I thought I configured amavisd to not spam check mail that was sent from the receiving MTA, but it seems that this is not the case. It looks like if the message contains a from address @ourdomain (spoofed or real), regarless of the sending MTA, it is not spam checked.
How do I resolve this? Is there a way to have my cake and eat it too? Any help would be MUCH appreciated.