Trusted sender intermittently being ignored
Problem reported by mark - May 4 at 2:05 AM
Since upgrading to SM16 we've had several complaints from customers receiving emails marked as SPAM in the subject line even though the senders domain is white listed. 
Here are two samples from the delivery logs taken this morning - the same sender, the same recipient - one email marked as SPAM and the other not:
This message processed correctly with senders domain clearly marked as trusted (I've put that line in bold):
[2018.05.04] 00:25:51 [76394] Delivery started for at 00:25:51
[2018.05.04] 00:26:03 [76394] Starting Spam Checks.
[2018.05.04] 00:26:04 [76394] Spam check results: [_REVERSEDNSLOOKUP: passed], [_BAYESIANFILTERING: passed], [_DK: None], [_DKIM: Pass], [BARRACUDA: passed], [SORBS: passed], [SPAMCOP: passed], [ZEN: passed]
[2018.05.04] 00:26:04 [76394] Spam Checks completed.
[2018.05.04] 00:26:06 [76394] Starting local delivery to
[2018.05.04] 00:26:06 [76394] Skipping spam filtering: Trusted Sender (system level)
[2018.05.04] 00:26:06 [76394] Delivery for to has completed (Delivered) Filter: None
[2018.05.04] 00:26:06 [76394] End delivery to (MessageID: <1.dbca1a5492a9552cba6c@GASRV-MAMapp>)
[2018.05.04] 00:26:09 [76394] Removing Spool message: Killed: False, Failed: False, Finished: True
[2018.05.04] 00:26:09 [76394] Delivery finished for at 00:26:09             [id:x66889376394]
Another message from the same sender to the same recipient sent two hours later (subject prefixed as SPAM-MED, senders domain should be trusted):
[2018.05.04] 02:53:38 [76946] Delivery started for at 02:53:38
[2018.05.04] 02:53:50 [76946] Starting Spam Checks.
[2018.05.04] 02:53:50 [76946] Spam check results: [_REVERSEDNSLOOKUP: passed], [_BAYESIANFILTERING: passed], [_DK: None], [_DKIM: Fail], [BARRACUDA: passed], [SORBS: passed], [SPAMCOP: passed], [ZEN: passed]
[2018.05.04] 02:53:50 [76946] Spam Checks completed.
[2018.05.04] 02:53:53 [76946] Starting local delivery to
[2018.05.04] 02:53:53 [76946] Delivery for to has completed (Delivered) Filter: Spam (Weight: 16), Action (Global Level): PrefixSubject [-SPAM-MED-]
[2018.05.04] 02:53:53 [76946] End delivery to (MessageID: <1.8222fd94e66c2fbef7f4@GASRV-MAMapp>)
[2018.05.04] 02:53:56 [76946] Removing Spool message: Killed: False, Failed: False, Finished: True
[2018.05.04] 02:53:56 [76946] Delivery finished for at 02:53:56             [id:x66889376946]
I might be missing something, but I can't see any differences between these two messages apart from the missing entry that indicates "Skipping spam filtering".
This is causing some issues with systems that collect and process incoming emails automatically - they expect the subject line to be unmolested but SM16 is prefixing some of these subject lines and not others.
I'd be very grateful for any suggestions.

2 Replies

Reply to Thread
Nicolas Fertig Replied
Not 100% sure but I think SPF and DKIM fails are not bypassed for the trusted senders.

It looks on your second message that DKIM check has failed.
Matt Petty Replied
Employee Post
Correct, if either of those 2 fail then we cannot trust the validity of the sender and thus we don't trust it. Having this mechanism in place prevents an otherwise easily abuse-able way to guarantee spam delivery to a mailbox.
Matt Petty
Software Developer
SmarterTools Inc.
(877) 357-6278

Reply to Thread