Spam Weights
Question asked by YS Tech - 3/10/2016 at 4:34 AM
I've been using SmarterMail for many years now (currently at the latest version), have used Bruce's setup documents, scoured this forum but still have a huge spam, problem.
Probably part of the issue is my understanding of how it works?
If you look in the antispam admin section where all the weights are then you have a weight in there, but when you go to the individual mailbox weights they are completely different! Shouldn't they reflect what you set them to in the main antispam settings?
There are loads in the individuals settings that are 0, so wouldn't that suggest that that filter is not doing anything?
I have around 50-60 spam checks there, surely I should be catching most spam with these?
I get loads of duplicate content spam emails, surely if the email contains the same content (and is sent from a different sending email and ip/server) then it could be classed as spam?
Anyway, the weights issue is the one confusing me, can anyone explain please?

11 Replies

Reply to Thread
Brian Ellwood Replied
I actually brought this up once and I believe it was in the old forums so I can't link to it (either that or "My Activity" is capped to only go back to 2015) but even disabling users ability to override their weights, they don't sync to what the server has set.
It was acknowledged but nothing ever came of it
Matthew Leyda Replied
Another part of this. If you have Custom Rules setup and they get triggered the score doesn't appear to be added to the total Span Score. Also if you have a gateway that does testing and it passes the score to the mail server it gets ignored.
Kendra Support http://www.kendra.com support@kendra.com 425-397-7911 Junk Email filtered ISP
Merle Wait Replied
In general settings, you as Admin can determine if the users can over-ride the spam settings or not.
As for the gateway passing score's and getting ignored... in the latest release - that is no longer the case.
As for if the user's were originally allowed to over-ride the settings.. how do they "sync back"; I can not speak to that.
YS Tech Replied
I've always had issues with spam using SmarterMail with regards to Spam its one of the areas that really lets a great bit of software down, so much so that one of my large clients has gone away and installed their own Exchange server (probably no better, but its a lost client because of it).
I'm not a large enough company to subscribe to some of the extortionate systems that claim to clear your mailboxes up before they get to your server, so i'm stuck with a very poorly documented system that doesn't really seem to work.
I still get 100's of spam emails a day and the spam checks (around 60!) I have on catch real emails as well as spam ones, so really its not that effective. You certainly couldn't set it to delete what it thinks is spam. So you end up trawling through all the spam to see if there are any real ones in there, so you may as well have them all come in to the main mailbox, at least you'll see them all when you should.
I don't know what the answer is but other companies allegedly "seem" to be able to provide an effective anti-spam solution.
I have since discovered that if you have a domain set to have the ability to override the spam settings, this will keep all the weights that are set for that domain (which is fine, this was the case with the domain I was looking at earlier). But you need to be aware that if you make any changes to your global anti-spam settings, the domains that have the ability to override spam settings won't receive any of your changes.
Matthew Leyda Replied
Both the Gateway and the Mailserver are running Version 14.5.5871 and its my mail accounts that I known have not been bypassed.
Kendra Support http://www.kendra.com support@kendra.com 425-397-7911 Junk Email filtered ISP
Matthew Leyda Replied
Bruce Barnes has done a lot of good work on the Spam Setting. If only the Gateway and Mailserver played better together.
Kendra Support http://www.kendra.com support@kendra.com 425-397-7911 Junk Email filtered ISP
YS Tech Replied
Yes, i've been using Bruce's document(s) for many years now. Still a real headache though.
Matthew Leyda Replied
Finally in the next version you can export/import Spam settings. One small step for .....
Kendra Support http://www.kendra.com support@kendra.com 425-397-7911 Junk Email filtered ISP
Richard Frank Replied
What helped me, I sometimes look at the header of passing spam, I look up the originating IP number of the spam on a blacklist monitor.
Often I see that the number is blacklisted on various blacklists. Then I investigate if and how I can use these blacklists services and then I add it to my spam checking list. This way I have a longer list of spam checks.
I also use message sniffer.
If I think a dnsrbl is a bit less used I just add it with just a few points to add to the weight.
Bruce Barnes Replied
When you use only the SmarterMail weights, and my anti-spam settings, then you will not have anything overriding those settings and will, generally, trap 98% of all the spam messages sent your way.
When you introduce external spam filtering, you must be VERY careful NOT to override the SmarterMail spam filter trigger settings, or you will introduce all kinds of issues and problems - and start receiving spam you never dreamed existed.
This is why, when SmarterMail 7,0 was introduced, I decided to see what could be done with their internal settings only.
Now, with the release of Version 15.X (latest version), their antispam and security has gotten significantly better as a single spam filter.
Remember, however, that you MUST be in FULL COMPLIENCE with GOOGLE, YAHOO, COMCAST, and about 14 other large providers or they will deliberately slow down your capability to send to their servers.
Remember, you must also setup SPF, DMARC, and rDNS, pointing to your PRIMARY SMARTERMAIL IP ADDRESS and name, as it is registered with your SmarterTools licensing - they WILL check this, and be fully compliant with the.EU and CANADIAN versions of DOUBLE OPT IN and AUTO-OPT OUT for MAILING LISTS.
  • Remember, many mail servers which handle e-mail for US based companies are located in Europe and/or Canada.  Almost all messages sent through a Blackberry now route through Canadian servers in southwest Canada.
  • Once you route through any of those servers, you, as the MX server operator, become responsible for following THIER RULES, IN ADDITION to all of the US rules.
  • The stronger rule supersedes all other rules, and believe me, the Canadian and UK rules are MUCH more demanding than the US rules.
  • As far as YAHOO is concerned, they want some additional verification:
  • For YAHOO, you MUST have both an PRIVACY POLICY and ACCEPTABLE USE POLICY, posted, and linked via your menu system.  If the page is for a not-for-profit, they also want to see the MISSION STATEMENT.  A real human will review and approve, or disapprove, your YAHOO request..
Here are examples of ChicagoNetTech's PRIVACY and ACCEPTABLE USE POLICIES:
Once again, remember, you must also comply with all of the other items:
For COMCAST, you must NOT allow clients to connect on port 25,  The only traffic that COMCAST allows on port 25 is MX to MX server traffic.  All traffic between CLIENTS and MX servers MUST be handled by PORT 587, the alternate SMTP port which, while it used to be optional, is now MANDATED by the International Engineering Task Force (IETF). 
If a client attempts to send directly to port 25, COMCAST will block the connection, via their network, and not notify either the sender or intended receiver.  This has helped them cut spam down by a huge percentage in their systems, giving them data time to send more legitimate messages.
Comcast also prefers that all connections are TLS ENCRYPTED to further protect the data and network, but are not, as of yet, blocking based on this.
Please, don't shoot me, or attack me, I am only the messenger here!
I am awaiting a BETA copy of SmarterMail 16.X so I can re-validate all of the antispam settings, revise the document to include the information for SmarterMail 14.X, 15,X and 16.X - eventually dropping all versions except the current and immediate previous version because there is absolutely no reason not to stay current, take advantage of the new features and benefits, and, especially, to take advantage of the new security developments: eg:
  • being able to enforce a secondary login, sent via TXT messages, as is done by FaceBook, my bank, and many other financial sites.
  • enforcement of TLS SECURE PASSWORD connections - already capable, since SmarterMail 13,X.  Works well, and we only had one beef, from a 90 year old customer who needed hands-on assistance to change his mobile devices and desktop to comply.
    • IDS blocks:
    • IMAP
    • SMTP
    • POP3
    • LDAP
    • These are already available, and when properly configured, along with the other SmarterMail BUILT-IN anti-spam tools do a pretty damned good job of protecting both your SmarterMail MX server and controlling the spam received.
For the built-in SmarterMail antispam to work properly, you MUST enable all of the tools, according to my antispam document, which is in the process of being updated,  I will amend this post with the correct link, and name, when it is ready.
I am available to help you configure and monitor your server.   Even though I am a "SmarterTools Product Specialist" I get nothing for the posts and assistance via the SmarterMail portal.

If you require assistance, please send an e-mail to me, via ":support@chicagonettech.com" and I will, at no cost, review with you your issues, providing it goes no longer than ONE HOUR.
Everything after that is BILLABLE TIME, and will be billed via PayPal or SQUARE, depending on a variety of factors.  PayPal is much more efficient at handling international monetary changes on-the-fly, and my preferred payment choice for non-US customers.
I WILL NOT work with someone who wants me to fix their problem and then "second guesses" the work I have been contracted to do.  This has happened four times in the last month, and they are no longer my clients.  If you want me to help you, ask questions, but stay out of the way.  I will document what has to be done, what I am doing as it is done, and the final changes to your server(s).  I will also maintain a complete BACKUP copy of the original server configuration, in case you want to go back to receiving spam or having the original issues.

Good luck!
Bruce Barnes ChicagoNetTech Inc brucecnt@comcast.net Phonr: (773) 491-9019 Phone: (224) 444-0169 E-Mail and DNS Security Specialist Network Security Specialist Customer Service Portal: https://portal.chicagonettech.com Website: https://www.ChicagoNetTech.com Security Blog: http://networkbastion.blogspot.com/ Web and E-Mail Hosting, E-Mail Security and Consulting
Richard Frank Replied
i found that if your customrules get ignored it probably is a rule that is faulty.

Reply to Thread