Sajjan's Blog

Blocking Mails Based on Subject in Zimbra

by

sajjanbh
in , ,

Welcome back! In this post, let’s talk about tightening our Antispam or Spamassassin in Zimbra. In real-time, there may be a serious reason for filtering and blocking mails based on subject that contain certain structures or words. Here are the steps to achieve this objective in Zimbra 8.5 and later.




Zimbra Content Filter
Zimbra Content Filter

1) Create a policy file inside /opt/zimbra/data/spamassassin/rules/ as root user e.g.

[code language=”bash”]vi /opt/zimbra/data/spamassassin/rules/sub_attachment.cf
header  SUB_ATTACHMENT  Subject =~ /(.jpg|.png|.gif|.pdf|.doc|.docx|.xl|.ppt)/i
describe SUB_ATTACHMENT Subject contains Attachment Name.
score   SUB_ATTACHMENT  20.0[/code]

Here, SUB_ATTACHMENT is a rule that filters the mail header based on the regular expression match of Subject. The describe statement is the message that is sent to the sender mentioning the reason for mail delivery failure. Finally, the score statement sets the spam score of the mail that matches this rule. Here, the spam score of 20.0 is much higher than the maximum allowed spam score. So, the mails that match this rule will be discarded by Zimbra categorizing it as a Spam.

2) Change ownership of this file to zimbra user

[code language=”bash”]chown zimbra:zimbra /opt/zimbra/data/spamassassin/rules/test.cf[/code]

3) Restart Amavis to implement changes

[code language=”bash”]su – zimbra -c "zmamavisdctl restart"[/code]

Now, if there arrives any mail with subject containing .jpg or .png or .gif or .pdf or .doc or .docx or .ppt, it’ll be scored as 20.0 and then discarded. Note, this will send bounce notification back to the sender.

To further strengthen your Anti-Spam in Zimbra, you may also add a custom rule sets maintained by a security researcher called Kevin McGrail. To implement it, follow these steps:

[code language=”bash”]cd /opt/zimbra/data/spamassassin/localrules/
wget -N https://www.pccc.com/downloads/SpamAssassin/contrib/KAM.cf
zmamavisdctl restart[/code]

In this way, we can implement subject based mail filtering in Zimbra server. I hope this post has been informative and useful. Please let me know of your suggestions or queries in the Comment Section below. Thank you!




Comments

One response to “Blocking Mails Based on Subject in Zimbra”

  1. vient Avatar
    vient

    HI Admin,
    Thank for your article, but i can not block any spaming email with subject or body although i did same as this article.
    Could you help me.

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *