Advanced Setting Message Retrieval and Spam
Question asked by Brandon Sandlin - 12/5/2017 at 10:01 AM
So I have an odd situation that may be a bug. We have several domains that we have setup in our configuration, for example, domain1.com and domain2.com. UserA contains email addresses in both domains; domain1.com is their primary email and has setup Message Retrieval for the domain2.com domain. If any other users of the same server, send an email to UserA@domain2.com, the message is marked as spam when it is retrieved from the domain1.com account. If the UserA logs in to the domain2.com mail, their email is located in the inbox, with no spam indication. When looking at the raw content of the email in the domain2.com accound, the no spam indication is due to this 
X-SmarterMail-TotalSpamWeight: 0 (Authenticated)
However, when the email is retrieved (Advanced Settings, Message Retrieval) in the domain1.com account (and it is set to Enable spam and content filtering), since the original email sender was authenticated, it is marked as spam now since nothing is known about the original sender. 
X-SmarterMail-TotalSpamWeight: 16
X-SmarterMail-Spam: Reverse DNS Lookup, ISpamAssassin 3 [raw: 2], DKIM_None
When sending email to external servers, both SPF and DKIM passes.I find it odd that both Reverse DNS and DKIM fails seeing as how it normally passes when sent externally. If I set the retrieval to NOT enable spam and content filtering, the header looks much like I would expect: 
X-SmarterMail-TotalSpamWeight: 0 (Authenticated)
I have made a slight work-around for this, for when users use a mail client such as Outlook, as that uses SMTP and the whitelist entry for the mail server internal address allows it to bypass the checking. This does not work,however, for those users that use Web mail, as it was received via HTTP.  
Like I said, I am not sure if this is a bug or the intended design, but I figured I would document it just in case someone else is looking for this type of information.

1 Reply

Reply to Thread
Matt Petty Replied
Employee Post
Could you send me the raw content? You can do it via the community if you don't want to lay it out here. 
The problem I see with some of these checks, is that information could change. Like for rDNS for example, doing a reverselookup on a potentially old email could result in a false positive. I'm also noticing that when we run this check at the SMTP level we use their connected ip. When we run on a retrieval all it has to go off of is the received line.
Matt Petty
Software Developer
SmarterTools Inc.
(877) 357-6278

Reply to Thread