There seems to have been a cascade of SPAM over the last couple of days so I implemented some more anti-spam controls:

In /opt/zimbra/data/spamassassin/localrules/local.cf

I have:

 

score URIBL_BLACK 3.250

score RAZOR2_CHECK 3.250

score PYZOR_CHECK 3.250

score BAYES_999 4.000

score BAYES_99 4.000

score BAYES_60 2.250

score BAYES_50 1.500

score BAYES_00 -0.500

#

I have also created files:

 /opt/zimbra/blacklist and

/opt/zimbra/whitelist

These have been specified in:

/opt/zimbra/conf/amavisd.conf.in

the config in /opt/zimbra/conf/amavisd.conf.in reads:

read_hash(\%whitelist_sender, ‘/opt/zimbra/whitelist’);

read_hash(\%blacklist_sender, ‘/opt/zimbra/blacklist’);

The content of the files is for example:

/opt/zimbra/blacklist:

# please run zmamavisdctl restart as zimbra user to make this work.

topica.com

hexis.co.uk

newchickennews.com

dan-bunkering.com

In /opt/zimbra/conf/salocal.cf.in I have set some more spam rules

body TOPICA_RULE    /topica.com/i

describe TOPICA_RULE Spam delivered from prolific spammer

score TOPICA_RULE   100.5

uri TOPICA_RULE2    /topica.com/i

describe TOPICA_RULE Spam delivered from prolific spammer

score TOPICA_RULE2   100.5

uri TEST_RULEX    /testspamdomain.com/i

describe TEST_RULEX Spam delivered from prolific spammer

score TEST_RULEX   100.5

uri EMV3_RULE    /emv3.com/i

describe EMV3_RULE Spam delivered from prolific spammer

score EMV3_RULE   100.5

header EMV2_RULE  ALL =~ /emv2\.net/i

describe EMV2_RULE Spam delivered from prolific spammer

score EMV2_RULE   100.5