Hit ENTER after each Tag to add it to your post; Numbers in parentheses represent the Tag's usage.
Well, after a couple of weeks of using Message Sniffer the results seemed really underwhelming with catching 0.02% of Spam, all of which were Outgoing messages (mostly forwarded email). Before giving up on it I decided to take a closer look at Incoming message headers and found the following:
X-SmarterMail-SmartHostSpam: SPF_None, ISpamAssassin 1 [raw: 1], DKIM_None, Custom Rules [BADSUBJECT:7]
X-SmarterMail-SpamDetail: 1.0 EXTRA_MPART_TYPE Header has extraneous Content-type:...type= entry
X-SmarterMail-SpamDetail: 0.0 T_IMAGE_MISMATCH Contains wrong image format for MIME header
Turns out that Message Sniffer is doing what it is supposed to do with Incoming mail but since we use Smarthost Incoming Gateways that perform the majority of Spam checks before handing them off to our SmarterMail Enterprise v15 server the results and score from Message Sniffer is not being added to the SmarterMail TotalSpamWeight. In the header excerpt above the Smarthost passed the score of 8 to our SmarterMail Enterprise server which then ran the Message Sniffer which should have added another 30 to the weight for a TotalSpamWeight of 38 which would have not been delivered to our customer Inboxes with a 10/20/30 threshold. However, it is clearly not being applied towards the TotalSpamWeight at all for Incoming messages and is only being applied to Outgoing messages.
(And yes, I added the IP Addresses for our Incoming Gateways to the GBUdbIgnorelist.txt)
I noticed recently that the documentation for SmarterMail since v13 is now saying that it is highly discouraged to run a Smarthost as an Incoming Gateway to SmarterMail. Considering the ever growing list of unresolved issues caused by this configuration since v8 and now this, I'm beginning to strongly agree.
Is there a solution to this, as the only configurable file for Message Sniffer in SmarterMail that I can find is the GBUdbIgnorelist.txt (other than the SECURITY > ANTISPAM ADMINISTRATION of course)?