My domain name registrar offers email aliases and forwarding; however, this feature causes my mail server's SPF checks to fail because the registrar's mail relay sends on behalf of the originating server. I fixed it by white-listing the registrar's mail relay IP block in SpamAssassin.
1. Add a "trusted_networks" line to the SpamAssassin config. As of Zimbra 8.5 and later, the reported location to customize SpamAssassin is here:/opt/zimbra/data/spamassassin/localrulesI refer to this article for the latest location for customizing SpamAssassin: https://wiki.zimbra.com/wiki/Anti-spam_Strategies#Customizing_SpamAssassin
Edit the file in here called local.cf and add your "trusted_networks" (example below). You'll notice this file contains a comment at that top that says something like, "This is the place to customize SpamAssassin..." I've also seen a file called user_prefs.cf being used instead. To be honest I don't think the file name matters much because I believe SpamAssassin reads all the cf files in this folder.# TRUST REGISTRAR RELAY
trusted_networks 123.45.6/24
2. Restart Zimbra.su - zimbrazmcontrol restart
FURTHER READING
http://spamassassin.apache.org/full/3.4.x/doc/Mail_SpamAssassin_Conf.html
Related Articles
Virtual PfSense on KVM - VirtI...
Virtualization of pfSense on KVM went smoothly for the most part. PCI pass-through to a network card worked swimmingly, and I adore the new built-in virtio dri...
My Adventures in Spam Blocking
I hate spam. I detest it. And I'm not talking about the scrumptious processed meat product. I think you all know the spam I'm referring to—the kind peddling ...
Zimbra - How to Change MTA EHL...
It's a good idea to match your Zimbra MTA hostname given during an EHLO with the hostname associated with your public IP address.su - zimbrazmprov mcf zimbraMta...
Joomla Running on Nginx and Ub...
What follows is an outline I compiled while researching how to tighten security on a Nginx web server. NOTE 1: Ubuntu 14.04 LTS was used for this. NOTE 2: This ...