One of my customers reported that they are receiving a lot of spam despite her mail being filtered through a front end processor.

 

I've been looking into the problem and noticed that spammers are bypassing our filtering system by prepending an apostrophe to the recipient's address. This is something I can fix in the filter. However, while investigating, I saw something unusual going on with the way SmarterMail is handling these messages.

 

It appears that SmarterMail is dropping the leading apostrophe in RCPT T: when expanding the value to the recipient address. The message ends up being routed to the recipient's email. Here's an example from my logs:

 

[2017.10.04] 06:06:27 [198.xx.xx.xxx][40651350] cmd: RCPT To:<'debra@domain.com>
[2017.10.04] 06:06:27 [198.xx.xx.xxx][40651350] rsp: 250 OK <debra@domain.com> Recipient ok

 

I found that even if I create a mailbox for 'debra@domain.com, which is a perfectly valid email address, SmarterMail will still deliver the message to debra@domain.com.

 

SmarterMail is not dropping the apostrophe unless it is the first character of the address in RCPT TO. If I embed an apostrophe in the middle of the user portion of the email address, the message is not modified as it goes through SmarterMail, and will bounce if there is no matching recipient.

 

I also tested outgoing mail, and it appears that this behavior persists for message sent through Webmail, and outbound messages submitted via SMTP.

 

My question is if this behavior is by design, or is it considered a bug? Is there any way to disable this particular behavior?

 

We're running SmarterMail 15.7.6411.

 

Thanks!