Block Emails by Using Subject in Zimbra

Issue:

Recently I got so many complaints from my customers who are having spam emails with the subject "your mailbox is full". They are very much worried about it. In such cases, some of the users click on the link provided on those emails and there account got compromised.


Solution:

Luckily, Zimbra can block emails by the content from subject of email. Below is the procedure to block emails by using subject.

Create a file subjectblock.cf as root user.


vim /opt/zimbra/data/spamassassin/rules/subjectblock.cf


header        SPAM_BANNED        Subject =~ /your mailbox is full/i

describe     SPAM_BANNED        Subject contains your mailbox is full

score         SPAM_BANNED        50.0


Note:

Above rule created to block emails with the subject "your mailbox is full" where i indicates case-insensitive search.

SPAM_BANNED is the name of ACL to block the emails having subject "your mailbox is full" and the score 50.0 is the score provided to those emails matching the subject.

If someone wants to block other emails with different subject, it is required to create an ACL with different name.

Save the file and provide the user and group permission to the file subjectblock.cf.


chown zimbra.zimbra /opt/zimbra/data/spamassassin/rules/subjectblock.cf

su - zimbra -c "zmamavisdctl restart"


Now send an email with the subject "your mailbox is full" and check the log.

 

Sep  3 22:08:42 mail postfix/qmgr[12446]: 5A8201160040: from=<afsher.faisal@gmail.com>, size=4481, nrcpt=1 (queue active)

Sep  3 22:08:42 mail amavis[6346]: (06346-01) Blocked SPAM {DiscardedInbound}, [202.84.32.5]:36347 [209.85.216.170] <afsher.faisal@gmail.com> -> <user1@xyz.com>, Queue-ID: 5A8201160040, Message-ID: <CAD0nXftcteRA6twVPZXa1=TM+dTukPdAiC7W56AYMMd-FWz0Gg@mail.gmail.com>, mail_id: U6-bOPxS1dns, Hits: 50.473, size: 4480, dkim_sd=20150623:bol-online-com.20150623.gappssmtp.com, 578 ms

Sep  3 22:08:42 mail postfix/smtp[5525]: 5A8201160040: to=<user1@example.com>, relay=127.0.0.1[127.0.0.1]:10024, delay=0.65, delays=0.06/0/0.01/0.57, dsn=2.7.0, status=sent (250 2.7.0 Ok, discarded, id=06346-01 - spam)


Comments

Post a Comment

Popular posts from this blog

Install a Comodo/Sectigo Domain Validation SSL certificate in Zimbra

Objective:  Install a Comodo/Sectigo Domain Validation (DV) SSL certificate in Zimbra. We usually get the below four files from Sectigo in the certificate bundle. The file name may vary depending on the certificate type 1.     yourdomain.com.crt - main certificate 2.     AAACertificateServices.crt – Root Certificate 3.     USERTrustRSAAAACA.crt – Intermediate Certificate - 1 4.     SectigoRSADomainValidationSecureServerCA.crt - Intermediate Certificate - 2 Step 1:  We shall create two files as below. commercial_ca.crt (includes root certificate and two intermediate certificates) commercial.crt (includes main certificate, root certificate and two intermediate certificates) Step 2:  Login to Zimbra server, move to directory /opt/zimbra/ssl/zimbra/commercial and create two files as below. root@mail:~# cd /opt/zimbra/ssl/zimbra/commercial/ root@mail:/opt/zimbra/ssl/zimbra/comme...
Read more

Adding DKIM record (1024 bit) in Zimbra

Image
Email security is very important now a days. We always look for inbound email security. However, it is very much important to enhance security for outbound emails too for successful email delivery to the recipient inbox. DomainKeys Identified Mail (DKIM) provides an organization to take responsibility for a message that is in transit. The sending server reputation is responsible for successful email delivery. DKIM provides the message is not being altered in the transmission of message till delivery of it. Technically DKIM provides a method for validating a domain name identity that is associated with a message through cryptographic authentication. In some cases, we have generate 1024 bit DKIM key due to old Zimbra version or lack of support 2048 bit key in DNS servers. The below steps should be performed to achieve the goal of publishing 1024 bit DKIM key. Generate DKIM Key: DKIM signing is done at the domain level, including alias domains. Setting up signing consists of two p...
Read more

Recipient Limit of a Message in Zimbra

Image
We received some complaints from one of our customers regarding problem of sending email, especially rate limit, to Gmail. After some diagnosis, we found that the users keep 70-80 email addresses in TO/CC/BCC. In order to restrict users to send emails on such accounts at a time, we implemented a policy. After executing this policy, users shall not be able to add more than 10 email addresses in a message. root@mail:~# su – zimbra Check the current limit: zimbra@mail:~$ postconf | grep smtpd_recipient_limit  smtpd_recipient_limit = 1000     ##This is the default recipient limit zimbra@mail:~$ postconf -e 'smtpd_recipient_limit = 10'   It will restrict the recipient limit to 10. You may adjust the number based on your scenario. To apply settings. zimbra@mail:~$ postfix reload After applying this settings, you will get an error while sending a message greater than the threshold value (in this case: 10). It is also t...
Read more