Hi,
I think Zimbra is generating spam and causes our ip to be black listed almost every day.
We are using Trend Miro Interscan for viruses and it forwards all mail to our Zimbra server, and all out going mail from Zimbra goes to the interscan server. That way we are scanning for viruses in and out.
The problem is that we are getting spam that is coming in and Zimbra replyes to the messages because the email don't exist. Then we get a reply back from what ever domain saying the email that we tried to send to doesn't exist.
At least that is what I think is happening as far as I can tell.
Does that make sense? How can I change the settings in Zimbra to not reply to emails that are coming to invalid addresses.
We get alot of emails for example to say bob@ourdomain.com bob is not a valid email address. Zimbra replys that its not valid, and then we get emails back saying the other doesn't exist.
I have been looking at the settings in MTA and am wondering what would be the effect of checking
Client's IP address (reject_unknown_client)
Hostname in greeting (reject_unknow_client)
Sender's domain (reject_unknown_sender_somain)
All of which are unchecked.
Anti-Spam is enabled with 75/33
Thanks for any help
How to reduce spam
How to reduce spam
Which version/release of Zimbra are you using? Current versions have SpamAssassin & DSPAM installed so your spam should be reduced, you also need to adjust your tag/kill levels so that you get more of the spam. Have a search of the forums for some more info.
You're getting those emails for invalid accounts because somebody is spamming you and using spoofed headers, obviously Zimbra doesn't know what to do with it and tries to return it to the original sender. Those messages should be caught by adding the settings you've mentioned and changing the tag/kill levels.
So, Zimbra isn't generating spam and is doing exectly what it should do with the mail.
You're getting those emails for invalid accounts because somebody is spamming you and using spoofed headers, obviously Zimbra doesn't know what to do with it and tries to return it to the original sender. Those messages should be caught by adding the settings you've mentioned and changing the tag/kill levels.
So, Zimbra isn't generating spam and is doing exectly what it should do with the mail.
How to reduce spam
I am using version 3 I believe not the latest but the one right before that. I will try turning on the 3 that I mentioned above and I will search the forum and see if I can adjust the settings for the spam. I hope it works. I would just hate to have the system start blocking emails that are valid.
Thanks for all the help
Thanks for all the help
How to reduce spam
[quote user="scandog"]I would just hate to have the system start blocking emails that are valid.
[/QUOTE]
That is the problem with trying to deal with spam, it's a juggling act to catch as much spam as possible (you'll never get it all) and not reject valid mail.
[/QUOTE]
That is the problem with trying to deal with spam, it's a juggling act to catch as much spam as possible (you'll never get it all) and not reject valid mail.
How to reduce spam
Every thing seemed to be going fine after making the above changes, but I have been listed as a spammer again.
How can I tell whats going on I have looked thru the zimbra.log file to try and see what is going on.
If Zimbra sends a reply that an address doesn't exist and the address it sends it to doesn't exist is that concidered spam? (original email is spam)
How can I disable zimbra from replying to emails sent to addresses that don't exist on my server?
I have tried suggestions on the forum to check to see if I am being used as a relay and it seems fine.
If anyone has any suggestions on what I can look for I would really appreciate it.
Thanks
How can I tell whats going on I have looked thru the zimbra.log file to try and see what is going on.
If Zimbra sends a reply that an address doesn't exist and the address it sends it to doesn't exist is that concidered spam? (original email is spam)
How can I disable zimbra from replying to emails sent to addresses that don't exist on my server?
I have tried suggestions on the forum to check to see if I am being used as a relay and it seems fine.
If anyone has any suggestions on what I can look for I would really appreciate it.
Thanks
How to reduce spam
That shouldn't cause you to be blacklisted. Are you sure there's no spam being sent by your users?
If you remove the line
reject_unlisted_recipient
from /opt/zimbra/conf/postfix_recipient_restrictions.cf
and restart postfix, it should stop rejecting the mail (though it'll just pile up on your system, I think)
If you remove the line
reject_unlisted_recipient
from /opt/zimbra/conf/postfix_recipient_restrictions.cf
and restart postfix, it should stop rejecting the mail (though it'll just pile up on your system, I think)
How to reduce spam
Well I don't know why but is seems to cause use to be black listed. Do you have any idea where the emails would go if I remove the line you suggested. Are they just lost? Or would they go some where? As long as I could delete them at some point if they do pile up. If they are gone great.
Thanks
Thanks