The spam filtering in Zimbra is a bit perplexing to me. I find it often lets very obvious spam pass through, while blocking legitimate emails from my bank or newsletters I subscribe to or whatever. I've done some poking about, and was hoping someone could answer some questions for me.
First, here is an example of a message I just received, which passed through (I've removed some of the irrelevant headers and personal data):
My first question is, how can I disable DSPAM? I've never seen it correctly identify anything - it typically will mark messages like this as innocent and often marks legitimate emails as spam, which greatly throws off the score. In the above example, this email would have scored enough to be flagged as spam were it not for DSPAM.
X-Virus-Scanned: amavisd-new at xxx
X-Spam-Status: No, score=3.542 tagged_above=-10 required=4
tests=[BAYES_50=0.8, RDNS_NONE=0.793, SPF_PASS=-0.001,
URIBL_DBL_SPAM=1.7, URIBL_JP_SURBL=1.25, DSPAM.Innocent=-1.000]
Received: from xxx ([127.0.0.1])
by localhost (xxx [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id ZlF3lfdvBaCp for <xxx>;
Fri, 11 Oct 2013 10:41:27 -0400 (EDT)
Received: from mx4.lowrateoportunity.com (unknown [22.214.171.124])
by xxx (Postfix) with ESMTP id 866F62281DBB
for <xxx>; Fri, 11 Oct 2013 10:41:17 -0400 (EDT)
Subject: Fresh rule change
From: "Alert" <Alert@lowrateoportunity.com>
Date: Fri, 11 Oct 2013 09:11:29 -0500
Content-Type: text/plain; charset=us-ascii
- - - - - - - - - start of notice - - - - - - - - -
Re: Obama reduces the amount homeowners owe
Fantastic News for Current U.S. Homeowners: The FHA has reduced-the REFl-Requirements.
This new reduction cuts your current monthly home-payments in HALF.
Go here now to see what your new payment will be:
- - - - - - - - - end of notice- - - - - - - - -
Second, for my settings, i have Kill/Tag set at 66/20, and here are my MTA settings:
Are these good settings? The RHSBLs are new with Zimbra 8, can someone recommend some good values for those? What are they for?
Finally, I wanted to make sure that the settings were being set in Postfix properly, but when I dump the values with postconf, I see this:
It looks like the setting is getting truncated due to some character limit... is this a limitation of the postconf command, or is the actual setting within Postfix being chopped?