Spamassasin and Zimbra

August 28, 2009 admin No comments

I recently installed Zimbra.

Very impressed with the system having migrated my postfix+courier+spamassasin+clamav solution to it.

However I have found that out of the box it lets a lot of spam through.

I had been forwarding spam emails to my spam training account for a week but the X-Spam-Status headers didn’t show the BAYES_xx numbers incrementing, it seemed to be stuck on BAYES_00.

Whilst trying to debug the spamassasin config – I found the “sa-learn –dump” command was erroring out.

A quick fix, a permissions issue, I had to manually create the /opt/zimbra/.spamassasin directory and chown zimbra:zimbra it. Re-ran the dump and it succeded.

After another week of fowarding spam emails to my spam training account, I gradually saw my spam increase in score and by the end of the week all mail was hitting BAYES_99.

The problem is that BAYES_99 on its own does score high enough (3.5) to get the email marked as spam by Spamassasin.

Next problem I found that out of the box Zimbra didn’t enforce all the obvious MTA restrictions.

Why not? Well, the documentation gives you a 4 line command to run, but the quotes don’t paste properly, much like my own example below:

zmprov mcf zimbraMtaRestriction reject_invalid_hostname zimbraMtaRestriction reject_non_fqdn_hostname zimbraMtaRestriction reject_non_fqdn_sender zimbraMtaRestriction “reject_rbl_client dnsbl.njabl.org” zimbraMtaRestriction “reject_rbl_client cbl.abuseat.org” zimbraMtaRestriction “reject_rbl_client bl.spamcop.net” zimbraMtaRestriction “reject_rbl_client dnsbl.sorbs.net” zimbraMtaRestriction “reject_rbl_client sbl.spamhaus.org” zimbraMtaRestriction “reject_rbl_client relays.mail-abuse.org”

Is it just me or is it too much to expect an ‘enterprise’ product to come out of the box to block ACAI diets? and Viagra?

With the RBL’s in place, my spam was reduced further, but many were still getting through.

Found this article:

http://www.zimbra.com/forums/administrators/4933-improving-spam-filtering.html

Installing Razor and DCC seems to be the answer, haven’t installed Pyzor yet.

Good bye spam.

Linux, Zimbra none

Megamon Tech Blog

Spamassasin and Zimbra

Leave a Comment