Back to Community Threads
1
RBL lookups in SmarterMail
Question asked by Jay Altemoos - 5/11/2017 at 8:58 AM
Unanswered
So I have been trying to determine why spam emails that get through to our users inbox. Currently we are running SmarterMail Enterprise Edition Version 15.5.6284. Checking through my Delivery logs this morning I see that one of the obvious spam emails is getting through with a low enough score to deem it as Low Level Spam when clearly it should have been scored much higher.
 
So I did a lookup on MXToolBox for the server it is sent from mail.masteringtheskins.com and it's labelled on several RBL's, one of them being Spamhaus ZEN. So looking through the Delivery Log on this particular example I see this entry: [SPAMHAUS - ZEN: passed]
 
So just some insight here, our setup for SmarterMail does not use public DNS like Google, etc., we have our DNS servers at the office with public IP's and have SmarterMail configured to use them. I know from past posts on RBL lookup issues that too many lookups from a publicIP may be blocked at some point due to too may requests.So why is it that email is listed as passed in SmarterMail when clearly it should not have been? Anyone else run into this? Is there a log in SM that I can look at to determine whether or not RBL lookups are either rejected or failing? I didn't see anything obvious on this. I have all of our logs set to Detail.

4 Replies

Reply to Thread
0
Jay Altemoos Replied
5/11/2017 at 9:26 AM
Also just to add to this, all the RBL's and URIBL's I have listed in the Antispam section all have decent times in ms listed. So it's not like any of them have blank times or highlighted red. So it's mystery as to why SM thinks this domain passed when clearly it should not have. If the RBL lookups for said emails are not included in the log anywhere, then really they should be.
0
User Replied
5/11/2017 at 12:02 PM
Hi Jay. How long was it from the time you received the message to the time you checked it on MXToolBox? Is it possible that the IP was not on Zen when the message came in and by the time you checked it on MXToolBox, Zen finally picked it up as spam? I'm asking because I see this happen all the time. :)
0
Jay Altemoos Replied
5/11/2017 at 2:07 PM
Good afternoon Linda. Thank you for the reply, I checked MXToolBox about a 1/2 hr. after the message arrived here. So it's possible ZEN took that long to publish it. There was 4 other RBL's that they showed up on that we check too. So it was just really odd. So you're answer is most likely the case here. I blacklisted the IP it was being sent from so it's all set now.
0
User Replied
5/11/2017 at 2:46 PM
Good deal Jay! Btw.. do you use Declude? I'm asking because we offer it free and we also have another free program that you can use with it called The Gauntlet. It helps prevent things like this. If you want to read about it, visit our site at http://mailsbestfriend.com/downloads and look in the Gauntlet section. There is an instruction manual which will show you how it works and how to set it up if you want to give it a try. Again, we offer all of this 100% free.
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Cannot Send Email MessagesSmarterMail > Troubleshooting
Slow 250 response after Mail From command is issued during an SMTP session.SmarterMail > Troubleshooting
Deploying Rspamd For Use With SmarterMailSmarterMail > Server Configuration and Management
LDAP Features Within SmarterMailSmarterMail > Server Configuration and Management
Recommended SPAM SettingsSmarterMail > Antispam and Antivirus