Trusted sender listed but still blocked as spam
Question asked by Jon Eastwood - February 6, 2015 at 8:45 AM
Unanswered
I was always under the impression that if an email address was added to the trusted sender list it would bypass any spam filtering?
 
I have a client who is trying to receive an email but its keeps bouncing back as the sender is on a spam black list:
 
[2015.02.06] 09:09:09 [213.171.216.60][61689255] rsp: 554 Sending address not accepted due to spam filter
[2015.02.06] 09:09:09 [213.171.216.60][61689255] Mail rejected due to SMTP Spam Blocking: * SpamCannibal, * UCEProtect Level 1, * UCEProtect Level 2
 
So I told the client to add the sender email to the trusted sender list but it still bounces back.
 
Is there no way I can get this address to bypass spam filtering else whats the point of the trusted sender list?
 
Thanks

27 Replies

Reply to Thread
0
Rod Lasky Replied
Employee Post
Hi Jon.  Trusted Senders are not applied to SMTP level spam blocks.  The reason is because the SMTP connection is terminated before SmarterMail ever receives the MAIL FROM command.  Therefore there's no way to identify this SMTP connection with a trusted sender.
Rod Lasky
Technical Support Specialist
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
0
Jon Eastwood Replied
so whats the point of the trusted sender
0
Joe Wolf Replied
I don't mean to step on any toes here, but Rod is correct when he says SMTP Blocking takes preference over Trusted Senders, but he's not correct when he says "the SMTP connection is terminated before SmarterMail ever receives the MAIL FROM command". SmarterMail does not terminate the connection until AFTER the MAIL FROM command is received from the sending SMTP server. It was my understanding that SmarterTools was going to change the behavior of SmarterMail in an upcoming version to have Trusted Senders override SMTP Blocking.
Thanks,
-Joe
0
Jon Eastwood Replied
Thanks Joe, I still would like to know if this is still the case, what is trusted senders supposed to be used for then as I was always lead to believe it was as I had though to allow senders to skip spam checking. The client in question here is trying to get an email to them from their accountant who has sent fine before, I understand the senders host is now black listed but as I said i always thought adding the sender address to the list would solve this, if not whats the point of it?
1
Steve Reid Replied
This seriously needs to be addressed. I remember talk about it in the past as well.
 
Can't believe this is still an issue. Regardless of the why, we need this to happen yesterday.
2
Steve Reid Replied
Also I think Smartertools employees are too quick to mark a thread answered. They need to think before reacting.
 
In all threads like this one, when the question contains an obvious feature request then the thread should be changed to an idea.
 
This feature though should almost be considered a bug given the fact that Trusted senders is broken and doesn't not work as implied.
0
Joe Wolf Replied
You're preaching to the choir sir. I've said for many years the behavior of Trusted Senders should override all spam checks.
Thanks,
-Joe
0
Jon Eastwood Replied
I agree Steve as currently from whats been said the trusted senders list does nothing and for years I have been telling customers this is what they needed to do to get round spam filtering :-)
0
Robert Emmett Replied
Employee Post
The incoming spam checks are done after the MAIL FROM command.  We don't know who the recipient(s) are at that point so we can't use the user's trusted senders.  We do check the global trusted senders though and skip the spam checks if that matches the mail from address.
Robert Emmett
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
0
Steve Reid Replied
Perhaps there needs to be a change in the way it works then? This has gotten me in trouble a few times...
0
Jon Eastwood Replied
ok so now I am confused, as you saying had my client put the sender address in the global trusted senders for the domain this would have worked?
4
Robert Emmett Replied
Employee Post
Here is our rationale for the way it works currently.  Incoming spam checks are executed presently after the MAIL FROM command if the From address is not on the global trusted senders list (editable by the system admin).  If we were to change the behavior to also process the user's trusted senders list before the spam checks, then this would have to be processed in the RCPT TO command for each user.  This would not let the spam though in and of itself unless it was on the trusted senders list.
 
Logs could potentially increase in size due to the additional entries per user checks.  Moreover, many spammers use a dictionary of users and if they see certain users successfully accept the mail, it may alert them to spam the domain even harder.
 
If there is enough discussion and / or upvotes on this thread / reply then we would certainly readdress the current functionality.  In the meantime, we will modify the help file/KB to clarify how incoming spam checks and trusted senders (global and user) lists correlate.
Robert Emmett
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
0
Joe Wolf Replied
No, it would have to be in the System Admin Trusted Senders list to bypass SMTP Blocking.
Thanks,
-Joe
0
Joe Wolf Replied
Robert, I think the current system is half way there. A domain admin should not be able to globally add a Trusted Sender. I think the process should be that SmarterMail allows the RCPT TO: be sent before issuing the 554. Then SmarterMail checks the Global Senders list, and the Trusted Senders list for the recipient domain and user before issuing the 554. That would solve the problem. Right now we have problems diagnosing SMTP Blocking issues when users report that a sender can't reach them... many times the MAIL FROM: is not known or know what the user thinks it should be, and we have no way to search by RCPT TO: because SmarterMail currently terminates the connection before the RCPT TO: command. I see nothing wrong with allowing the connection to continue and allow the RCPT TO: to be received (and checked for the Global and recipient Domain and User Trusted Senders list) and if it's not the 554 response would just as effective at that point. Yes, it's two extra steps, but this would only have to occur if the message met the SMTP Blocking threshold. Problem solved.
Thanks,
-Joe
0
Jon Eastwood Replied
ok so I understand all this now - sort of...but can someone tell me what the heck the point is of the trusted senders list is then if it wont skip spam checks!
0
Joe Wolf Replied
I thought about this overnight and will offer one more suggestion regarding efficiency of SmarterMail. Currently even if a message is on any of the Trusted Senders lists (Global, Domain or User) all spam checks are run on the message, but are just reset to a zero weight. Perhaps SmarterTools should check the various Trusted Senders lists BEFORE running any spam checks. This would improve performance since the spam checks use more server resources than checking Trusted Senders lists. I should also note that even if an address is on a Trusted Senders list it should still be checked for viruses.
Thanks,
-Joe
0
well said joe
0
What Joe said. Trusted senders should be checked before spam and smtp blocking to save server resources but should still be scanned for viruses.
0
Steve Reid Replied
Thanks Joe, what you propose sounds awesome!
0
David Sovereen Replied
We're seeing the problem where messages from Trusted Senders are going into Junk Mail--we don't use SMTP Blocking at all and are still seeing the problem. We are on 13.2.
1
Jon Eastwood Replied
So do we have any updates on this from SM please?
 
As currently one of my clients is now considering asking us to remove all spam filtering for the entire domain and they run client spam filtering which is daft but they are starting to loose confidence in the spam filtering that I offer them through SM!
 
They say "We are getting increasingly concerned that it may be blocking enquiries and critical correspondence."
 
This is due to the fact they cant add clients to the safe senders list
0
Joe Wolf Replied
Post the detailed Delivery Log entry from one of those.
Thanks,
-Joe
0
David Fisher Replied
Hi David, any reason you aren't running v13.3 of SmarterMail?
0
Did anyone find a fix for this yet?
0
Geoffrey Dalman Replied
Ahem ... "In the meantime, we will modify the help file/KB to clarify how incoming spam checks and trusted senders (global and user) lists correlate."

This issue was a huge pain-point for me also.

I really look forward to an increase in the availability of information and help file/KB details about both the problem and what improvements have been made to resolve SMTP blocked Trusted Senders at the 'Domain' and 'User' level.
1
Bruce Barnes Replied
Sorry, but I disagree completely here.  Nothing should ever have to be listed as a "trusted sender."
 
Either it passes the antispam tests, or the sending domain/host resolves the issue(s).
 
Feel free to attack, but this will be my only comment on the topic and I will not respond to flames.
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
1
Lasse Balsvad Replied
It would be nice with an option in the "Anti-Spam administration" where we could select if trusted senders should use the classic spam / trusted sender checks like "Reverse Lookup" and "Greylisting" too. My problem is that it's easier to add an email domain to the trusted senders list, than it is to find and add a lot of mail servers IP-addresses to greylisting.
This results in fake senders (spam) from apple.com, gmail.com etc. is received without even checking the reverse lookup which I think is the most important one that I have given a value of 20 in the spam check list.
 
And then I would really like an option to implement my own add-ons / extensions to do spam checks. There is a specific domain name registrar in Melboune that sell spam domain names en mass. So every time I look up the domain name in the who is, Melbourne IT is the registrar and the contact person is just fake. I really hate that they keep selling random domain names just to use for spam.

Reply to Thread