It has occurred to me that a few changes would make Zimbra message filters extremely powerful. These ideas can be implemented individually, or they can build on the added capability of each:

  1. URL
    If I can look for a URL in the body of a message, I'm able to do a bit of my own message validity checking to get rid of some phishing spam.
    A not operator allows really complex and powerful filters to be built using only simple constructs. At the moment I'm being bombarded by phishing spam from not If I could build a filter that would compare the from list with Body text doesn't contain <token>, I might be able to nail this junk.
    GROUPS would allow enable one filter to do multiple tasks, reducing the risk of spam being missed, and (possibly) stopping legitimate messages being classified as spam. The ability to look for multiple complex matches allows me to build one phishing filter, one smut filter, one <whatever>, each comprised by groups of matches that at present are individual filters. At the end of processing, results of the groups are OR-ed together to create a very powerful general filter. Granted, these could get pretty complicated, but hey, that's my business.

I'm an end user of Zimbra; it would be dangerous for me to actually touch any code.