Only some users detect SPAM from our Whitelisted domain

Discuss your pilot or production implementation with other Zimbra admins or our engineers.
Post Reply
User avatar
GEOptic
Posts: 6
Joined: Mon Sep 09, 2019 3:36 pm
ZCS/ZD Version: 8.8.15

Only some users detect SPAM from our Whitelisted domain

Post by GEOptic »

Good Day Ladies, Gentlemen,

It's been quite a journey with spam lately (my God lots of people have spare time...)

Ok, so I worked few hours trying to set it up nicely. But we have some weird behavior, so weird that Zimbra Support could not get it. Neither me!

So, suppose an internal user send mail to a bunch of internal users, all but one received the email as WHITELISTED.
Here is the mail header. It's ok to be spam if not from ourdomain.com ... but look further down other email header:
Return-Path: <vp@ourdomain.com>
Received: from mail.ourdomain.com (LHLO mail.ourdomain.com) (172.16.24.20) by
eve.gentec-eo.com with LMTP; Tue, 6 Apr 2021 15:20:52 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1])
by mail.ourdomain.com (Postfix) with ESMTP id 9F76E1FD7BD
for <ceo@ourdomain.com>; Tue, 6 Apr 2021 15:20:52 -0400 (EDT)
X-Amavis-Modified: Mail body modified (using disclaimer) - mail.ourdomain.com
X-Spam-Flag: YES
X-Spam-Score: 5.661
X-Spam-Level: *****
X-Spam-Status: Yes, score=5.661 required=4 tests=[ALL_TRUSTED=-1,
DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1,
DKIM_VALID_EF=-0.1, GOOG_STO_IMG_NOHTML=2.499, HELO_NO_DOMAIN=2,
HTML_MESSAGE=0.001, KAM_STORAGE_GOOGLE=2.25, RDNS_NONE=0.1,
T_REMOTE_IMAGE=0.01, URIBL_BLOCKED=0.001] autolearn=disabled
From same user, the email is WHITELISTED ... I get lost. Checked all configs, user account DIFF ... I must have missed something, of Amavis and Spamassassin have some sort of AI trying to mess my days ;)
Return-Path: <vp@ourdomain.com>
Received: from mail.ourdomain.com (LHLO mail.ourdomain.com) (172.16.24.20) by
mail.ourdomain.com with LMTP; Wed, 7 Apr 2021 12:10:59 -0400 (EDT)
Received: from localhost (localhost [127.0.0.1])
by mail.ourdomain.com (Postfix) with ESMTP id 5D8C020C888
for <ceo@ourdomain.com>; Wed, 7 Apr 2021 12:10:59 -0400 (EDT)
X-Amavis-Modified: Mail body modified (using disclaimer) - mail.ourdomain.com
X-Spam-Flag: NO
X-Spam-Score: 0
X-Spam-Level:
X-Spam-Status: No, score=x required=4 WHITELISTED tests=[]
autolearn=unavailable
It happened to a few other accounts.

Any one have a clue one why our domain is not ALWAYS WhiteListed from SPAM !!??

Tks
Sylvain
User avatar
fs.schmidt
Outstanding Member
Outstanding Member
Posts: 278
Joined: Sat Sep 13, 2014 3:37 am
Location: Brazil
Contact:

Re: Only some users detect SPAM from our Whitelisted domain

Post by fs.schmidt »

Hello,

If you are receiving internal messages as SPAM you can fix it:

https://wiki.zimbra.com/wiki/Prevent_in ... ed_as_spam
Best regards.
Fabio S. Schmidt
http://www.bktech.com.br
Brasília - Brazil
Post Reply