Customized spam score for RBL listed senders: Difference between revisions
(Created page with "=Customized spam score for RBL listed Senders= <hr> {{KB|{{ZC}}|{{ZCS 8.8}}|{{ZCS 9.0}}|}} {{WIP}} ====Requirement==== Add positive/negative spam score to the email if...") |
|||
| (16 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
__FORCETOC__ | |||
=Customized spam score for RBL listed Senders= | =Customized spam score for RBL listed Senders= | ||
{{KB|{{ZC}}|{{ZCS 8.8}}|{{ZCS 9.0}}|}} | |||
{{KB|{{ZC}}|{{ZCS 8.8}}|{{ZCS 9.0}}|}} | ====Problem==== | ||
Add positive/negative spam score to the email if senders IP listed in the RBLs. | |||
====Description==== | |||
RBLs will work at MTA(postfix) level so, if sender IP is listed in the RBL then the email will be rejected by MTA (when RBLs enabled) without any notification to the recipient. To allow email without compromising security check, disable RBL check at MTA level and enable at Amavis level (Spam assassin). | |||
==== | ====Steps to follow==== | ||
'''NOTE: This is a customization and needs to be tested first on the test environment before implementing on production. Also these changes may not survive an upgrade.''' | |||
'''Step 1:''' | |||
* Remove required RBLs at MTA level if enabled. | |||
: Note: If RBLs not enabled at MTA level then this step can be skipped. | |||
* Global level configuration. | |||
:<pre>zmprov mcf -zimbraMtaRestriction "reject_rbl_client <RBL Address>"</pre> | |||
:Example: | |||
:zmprov mcf -zimbraMtaRestriction "reject_rbl_client xbl.spamhaus.org" | |||
* Server level configuration | |||
:<pre>zmprov ms `zmhostname` -zimbraMtaRestriction "reject_rbl_client <RBL Address>"</pre> | |||
* | '''Step 2:''' | ||
: | * Edit spam assassin configuration file <code>/opt/zimbra/conf/salocal.cf.in</code>, and add lines in below syntax for RBL lookup. | ||
:<pre>header CUSTOM_LOOKUP eval:check_rbl('<RBL name>','<RBL Address>') describe CUSTOM_LOOKUP Entries listed in <RBL Address> RBL score CUSTOM_LOOKUP <Score></pre> | |||
:Note: CUSTOM_LOOKUP is a key for this definition, so keep this same for every line. 2.0 is a positive SPAM score, to give negative spam score use -2.0. | |||
:'''Examples:''' | |||
:Rule -1: | |||
:: | :header CUSTOM_LOOKUP_5 eval:check_rbl('spam','spam.dnsbl.sorbs.net.') | ||
: | :describe CUSTOM_LOOKUP_5 Entries listed in spam.dnsbl.sorbs.net RBL | ||
:score CUSTOM_LOOKUP_5 2.0 | |||
:Rule -2: | |||
:header CUSTOM_LOOKUP_6 eval:check_rbl('recent','recent.spam.dnsbl.sorbs.net.') | |||
:describe CUSTOM_LOOKUP_6 Entries listed in recent.dnsbl.sorbs.net RBL | |||
:score CUSTOM_LOOKUP_6 -2.0 | |||
'''Step 3:''' | |||
* Restart Amavisd, MTA services. | |||
:<pre>zmamavisdctl restart zmmtactl restart</pre> | |||
====Validation==== | |||
The below is a sample message header when the sender IP is RBL listed. | |||
===== | ''X-Spam-Status: No, score=1.451 required=6 tests=['''CUSTOM_LOOKUP_5=2, CUSTOM_LOOKUP_6=-2''', DKIM_SIGNED=0.1, DKIM_VALID=-0.1]'' | ||
{{SubmittedBy| | {{SubmittedBy|Raghu Noti}} | ||
{{Article Footer|ZCS 8.8|2020- | {{Article Footer|ZCS 8.8.15, ZCS 9.0|2020-07-28}} | ||
Latest revision as of 05:26, 6 April 2022
Customized spam score for RBL listed Senders
Problem
Add positive/negative spam score to the email if senders IP listed in the RBLs.
Description
RBLs will work at MTA(postfix) level so, if sender IP is listed in the RBL then the email will be rejected by MTA (when RBLs enabled) without any notification to the recipient. To allow email without compromising security check, disable RBL check at MTA level and enable at Amavis level (Spam assassin).
Steps to follow
NOTE: This is a customization and needs to be tested first on the test environment before implementing on production. Also these changes may not survive an upgrade.
Step 1:
- Remove required RBLs at MTA level if enabled.
- Note: If RBLs not enabled at MTA level then this step can be skipped.
- Global level configuration.
zmprov mcf -zimbraMtaRestriction "reject_rbl_client <RBL Address>"
- Example:
- zmprov mcf -zimbraMtaRestriction "reject_rbl_client xbl.spamhaus.org"
- Server level configuration
zmprov ms `zmhostname` -zimbraMtaRestriction "reject_rbl_client <RBL Address>"
Step 2:
- Edit spam assassin configuration file
/opt/zimbra/conf/salocal.cf.in, and add lines in below syntax for RBL lookup.
header CUSTOM_LOOKUP eval:check_rbl('<RBL name>','<RBL Address>') describe CUSTOM_LOOKUP Entries listed in <RBL Address> RBL score CUSTOM_LOOKUP <Score>
- Note: CUSTOM_LOOKUP is a key for this definition, so keep this same for every line. 2.0 is a positive SPAM score, to give negative spam score use -2.0.
- Examples:
- Rule -1:
- header CUSTOM_LOOKUP_5 eval:check_rbl('spam','spam.dnsbl.sorbs.net.')
- describe CUSTOM_LOOKUP_5 Entries listed in spam.dnsbl.sorbs.net RBL
- score CUSTOM_LOOKUP_5 2.0
- Rule -2:
- header CUSTOM_LOOKUP_6 eval:check_rbl('recent','recent.spam.dnsbl.sorbs.net.')
- describe CUSTOM_LOOKUP_6 Entries listed in recent.dnsbl.sorbs.net RBL
- score CUSTOM_LOOKUP_6 -2.0
Step 3:
- Restart Amavisd, MTA services.
zmamavisdctl restart zmmtactl restart
Validation
The below is a sample message header when the sender IP is RBL listed.
X-Spam-Status: No, score=1.451 required=6 tests=[CUSTOM_LOOKUP_5=2, CUSTOM_LOOKUP_6=-2, DKIM_SIGNED=0.1, DKIM_VALID=-0.1]
| Submitted by: Raghu Noti |
