How to prevent forwarding of SPAM emails
Question asked by Nicolas Lambert - 4/8/2015 at 6:37 AM
We have a particular domain on our server which is getting SPAMMED big time by some no-life. Those SPAM emails are getting filtered like they should by Commtouch and the other filters we have in place and they always end up in the SPAM folder with like 97 SPAM-Weight.
The thing is, one of those users is forwarding all of his emails to his gmail address. I noticed that since a couple of weeks those SPAM messages always get stuck in the spool at 9/10 recipients. If I inspect the message in the spool I can see that gmail is rejecting the forward from our mailserver:
421 4.7.0 [ 15] Our system has detected an unusual rate of 4.7.0 unsolicited mail originating from your IP address. To protect our 4.7.0 users from spam, mail sent from your IP address has been temporarily 4.7.0 rate limited. Please visit 4.7.0 http://www.google.com/mail/help/bulk_mail.html to review our Bulk 4.7.0 Email Senders Guidelines. f19si10741414qhc.19 - gsmtp
How can we prevent this situation from happening? It would be a disaster to be blacklisted for gmail's servers. We cannot block the SPAMMER's IP or domain since they are changing them everytime and removing the forward to gmail isn't an option.
Could we setup filtering to analyse our outgoing emails or something like that? I know it's possible but i'm just not certain if it would be considered Outgoing SMTP or Incoming SMTP since this is a forward...
Anyone has a fix for this?

4 Replies

Reply to Thread
Employee Replied
Employee Post Marked As Answer
In SmarterMail you can prevent auto forward of spam.  To do this login as the system admin and edit the domain.  Then go to the Technical tab and change the Forwarding Exclusions to "Do not forward Spam Level Low and above".  Once this is saved any email that is marked as low will not be auto forward.  This setting does not stop the users from manually forwarding there email only auto forwarding.
Nicolas Lambert Replied
Great that's exactly what I was looking for. Thank you!
User Replied
Glad I was able to help.
Steve Reid Replied
Why do you not have a delete rule setup for spam over a certain score? With a score of 97 there is no way that email is legit and should be deleted.
I know some people do not want to delete email because they are scared it might be legitimate. But if the score is that high the likelihood of it being actual spam is extreme.
My goal as a mail admin is to kill spam as soon as possible. So I would never have those kind of emails lurking anywhere on my server.

Reply to Thread