Advanced Setting Message Retrieval and Spam
Question asked by Brandon Sandlin - 12/5/2017 at 10:01 AM
So I have an odd situation that may be a bug. We have several domains that we have setup in our configuration, for example, and UserA contains email addresses in both domains; is their primary email and has setup Message Retrieval for the domain. If any other users of the same server, send an email to, the message is marked as spam when it is retrieved from the account. If the UserA logs in to the mail, their email is located in the inbox, with no spam indication. When looking at the raw content of the email in the accound, the no spam indication is due to this 
X-SmarterMail-TotalSpamWeight: 0 (Authenticated)
However, when the email is retrieved (Advanced Settings, Message Retrieval) in the account (and it is set to Enable spam and content filtering), since the original email sender was authenticated, it is marked as spam now since nothing is known about the original sender. 
X-SmarterMail-TotalSpamWeight: 16
X-SmarterMail-Spam: Reverse DNS Lookup, ISpamAssassin 3 [raw: 2], DKIM_None
When sending email to external servers, both SPF and DKIM passes.I find it odd that both Reverse DNS and DKIM fails seeing as how it normally passes when sent externally. If I set the retrieval to NOT enable spam and content filtering, the header looks much like I would expect: 
X-SmarterMail-TotalSpamWeight: 0 (Authenticated)
I have made a slight work-around for this, for when users use a mail client such as Outlook, as that uses SMTP and the whitelist entry for the mail server internal address allows it to bypass the checking. This does not work,however, for those users that use Web mail, as it was received via HTTP.  
Like I said, I am not sure if this is a bug or the intended design, but I figured I would document it just in case someone else is looking for this type of information.

1 Reply

Reply to Thread
Matt Petty Replied
Employee Post
Could you send me the raw content? You can do it via the community if you don't want to lay it out here. 
The problem I see with some of these checks, is that information could change. Like for rDNS for example, doing a reverselookup on a potentially old email could result in a false positive. I'm also noticing that when we run this check at the SMTP level we use their connected ip. When we run on a retrieval all it has to go off of is the received line.
Matt Petty
Software Developer
SmarterTools Inc.
(877) 357-6278

Reply to Thread