Reducing Spam Blowback Bounce Messages in Zimbra

With our company’s move to the Zimbra mail server finally complete (and working very well), we noticed an sudden increase of a particular type of spam: fake bounce or mail server error messages.  This was surprising since our old mail and Zimbra both use Spamassassin.  As it turns out, the Zimbra’s default Spamassassin installation relies much more on Bayes analysis, and has “vbounce” and community-based spam filters turned off.

However, it is very easy to turn on false bounce checking.  If your mail server is named “mail.company.com”, edit /opt/zimbra/conf/spamassassin/local.cf and add:

whitelist_bounce_relays mail.company.com
score ANY_BOUNCE_MESSAGE 15

Then run (as the zimbra user):

zmamavisdctl restart

This turns on the bounce rules, designates your mail server as a legal sender of mail error messages, and then gives a heavy score to any other bounce message.  Please back-up your copy of local.cf because it appears to be replaced when you upgrade your Zimbra installation.

For increased community-based searching, the instructions on the Zimbra Wiki work well for the installation of Pyzor on Zimbra 5.0.5.

One response to “Reducing Spam Blowback Bounce Messages in Zimbra

Comments are closed.