Japanatron Logo

SPF is awesome for stopping delivery of spoofed spam and junk back-scatter, but many of the articles on how to set up SPF in Zimbra are old and out-of-date.  It took a bit of research and trial-and-error, but I finally got it working.

1. Install the SPF module.
apt-get install libmail-spf-perl

2. Add scores to the SpamAssassin config.  This was the hard part because the proper location keeps changing on me.  As of Zimbra 8.5 and later, the reported location to customize SpamAssassin is here:
/opt/zimbra/data/spamassassin/localrules

I refer to this article for the latest location for customizing SpamAssassin: https://wiki.zimbra.com/wiki/Anti-spam_Strategies#Customizing_SpamAssassin

Edit the file in here called local.cf and pop in the scores.  You'll notice this file contains a comment at that top that says something like, "This is the place to customize SpamAssassin..."  I've also seen a file called user_prefs.cf being used instead.  To be honest I don't think the file name matters much because SpamAssassin reads all the cf files in this folder.

The scores should look like this.  Customize them to suit your needs.
# SPF Check
score SPF_SOFTFAIL 2.000
score SPF_FAIL 10.000
score SPF_HELO_FAIL 10.000

3. Restart Zimbra.
su - zimbra
zmcontrol restart

4. Search /var/log/zimbra.log for SPF.  You should see a line in the log that indicates the SPF module is starting.
cat zimbra.log | grep SPF

5. Hopefully you won't receive any more spoofed email.  If you do, then check the mail headers and see if the SPF check is listed.  Perhaps you have to adjust your scores.

UPDATE - 2014/10/23
I updated this article for Zimbra 8.5 running on Ubuntu 14.04.

UPDATE - 2015/2/20
Tested and working with Zimbra 8.6.

Related Articles

My Adventures in Spam Blocking

I hate spam.  I detest it.  And I'm not talking about the scrumptious processed meat product.  I think you all know the spam I'm referring to—the kind peddling ...

Zimbra - Add Trusted Relay to ...

My domain name registrar offers email aliases and forwarding; however, this feature causes my mail server's SPF checks to fail because the registrar's mail rela...

Combine Image File and Audio F...

I wanted to figure out a way to quickly and easily combine an image file (jpg) and audio file (mp3) into a video file (mov) using the free media converter tool ...

Zimbra - How to Stop Automatic...

By default Zimbra automatically discards inbound mail that receives a high spam score (aka "super spam").  Although the score is configurable up to 100, this de...