Trusted sender listed but still blocked as spam
Question asked by Jon Eastwood - February 6, 2015 at 8:45 AM
Unanswered
I was always under the impression that if an email address was added to the trusted sender list it would bypass any spam filtering?
 
I have a client who is trying to receive an email but its keeps bouncing back as the sender is on a spam black list:
 
[2015.02.06] 09:09:09 [213.171.216.60][61689255] rsp: 554 Sending address not accepted due to spam filter
[2015.02.06] 09:09:09 [213.171.216.60][61689255] Mail rejected due to SMTP Spam Blocking: * SpamCannibal, * UCEProtect Level 1, * UCEProtect Level 2
 
So I told the client to add the sender email to the trusted sender list but it still bounces back.
 
Is there no way I can get this address to bypass spam filtering else whats the point of the trusted sender list?
 
Thanks

8 Replies

Reply to Thread
0
Rod Lasky Replied
Employee Post
Hi Jon.  Trusted Senders are not applied to SMTP level spam blocks.  The reason is because the SMTP connection is terminated before SmarterMail ever receives the MAIL FROM command.  Therefore there's no way to identify this SMTP connection with a trusted sender.
Rod Lasky
Technical Support Specialist
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
1
This seriously needs to be addressed. I remember talk about it in the past as well.
 
Can't believe this is still an issue. Regardless of the why, we need this to happen yesterday.
2
Also I think Smartertools employees are too quick to mark a thread answered. They need to think before reacting.
 
In all threads like this one, when the question contains an obvious feature request then the thread should be changed to an idea.
 
This feature though should almost be considered a bug given the fact that Trusted senders is broken and doesn't not work as implied.
0
Robert Emmett Replied
Employee Post
The incoming spam checks are done after the MAIL FROM command.  We don't know who the recipient(s) are at that point so we can't use the user's trusted senders.  We do check the global trusted senders though and skip the spam checks if that matches the mail from address.
Robert Emmett
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
4
Robert Emmett Replied
Employee Post
Here is our rationale for the way it works currently.  Incoming spam checks are executed presently after the MAIL FROM command if the From address is not on the global trusted senders list (editable by the system admin).  If we were to change the behavior to also process the user's trusted senders list before the spam checks, then this would have to be processed in the RCPT TO command for each user.  This would not let the spam though in and of itself unless it was on the trusted senders list.
 
Logs could potentially increase in size due to the additional entries per user checks.  Moreover, many spammers use a dictionary of users and if they see certain users successfully accept the mail, it may alert them to spam the domain even harder.
 
If there is enough discussion and / or upvotes on this thread / reply then we would certainly readdress the current functionality.  In the meantime, we will modify the help file/KB to clarify how incoming spam checks and trusted senders (global and user) lists correlate.
Robert Emmett
Software Developer
SmarterTools Inc.
(877) 357-6278
www.smartertools.com
1
So do we have any updates on this from SM please?
 
As currently one of my clients is now considering asking us to remove all spam filtering for the entire domain and they run client spam filtering which is daft but they are starting to loose confidence in the spam filtering that I offer them through SM!
 
They say "We are getting increasingly concerned that it may be blocking enquiries and critical correspondence."
 
This is due to the fact they cant add clients to the safe senders list
1
Sorry, but I disagree completely here.  Nothing should ever have to be listed as a "trusted sender."
 
Either it passes the antispam tests, or the sending domain/host resolves the issue(s).
 
Feel free to attack, but this will be my only comment on the topic and I will not respond to flames.
Bruce Barnes
ChicagoNetTech Inc
brucecnt@comcast.net

Phonr: (773) 491-9019
Phone: (224) 444-0169

E-Mail and DNS Security Specialist
Network Security Specialist

Customer Service Portal: https://portal.chicagonettech.com
Website: https://www.ChicagoNetTech.com
Security Blog: http://networkbastion.blogspot.com/

Web and E-Mail Hosting, E-Mail Security and Consulting
1
It would be nice with an option in the "Anti-Spam administration" where we could select if trusted senders should use the classic spam / trusted sender checks like "Reverse Lookup" and "Greylisting" too. My problem is that it's easier to add an email domain to the trusted senders list, than it is to find and add a lot of mail servers IP-addresses to greylisting.
This results in fake senders (spam) from apple.com, gmail.com etc. is received without even checking the reverse lookup which I think is the most important one that I have given a value of 20 in the spam check list.
 
And then I would really like an option to implement my own add-ons / extensions to do spam checks. There is a specific domain name registrar in Melboune that sell spam domain names en mass. So every time I look up the domain name in the who is, Melbourne IT is the registrar and the contact person is just fake. I really hate that they keep selling random domain names just to use for spam.

Reply to Thread