I will do my best to make this as clear as possible.
This issue does not happen all the time, it is sporadic and on a very low volume email server running SM 12.5.5409.
Example
IP: 160.20.111.5 is on the following blacklists (as well as many others...)
recent.spam.dnsbl.sorbs.net
zen.spamhaus.org
Smartermail is configured to add weights to these RBLs if found on these blacklists.
For some reason unknown to me the following heading is seen for **some** emails
X-SmarterMail-Spam: SPF_None, DKIM_None
Its as if Smartermail cannot see that the IP address is blacklisted, although if I check from the email server I can see that the email server DOES see that the IP is on the two blacklists.
C:\Windows\system32>nslookup 5.111.20.160.recent.spam.dnsbl.sorbs.net
Server: ks31884.kimsufi.com
Address: 213.251.133.164
Non-authoritative answer:
Name: 5.111.20.160.recent.spam.dnsbl.sorbs.net
Address: 127.0.0.6
and
C:\Windows\system32>nslookup 5.111.20.160.zen.spamhaus.org
Server: ks31884.kimsufi.com
Address: 213.251.133.164
Non-authoritative answer:
Name: 5.111.20.160.zen.spamhaus.org
Address: 127.0.0.3
And I know that these blacklist do get triggered in SM
[2019.07.06] 00:01:08 [63593] Spam check results: [GBUDB | +30: passed], [HOSTKARMA-BLACK | +10: passed], [MAILSPIKE-L4 | +10: passed], [MAILSPIKE-L5 | +15: passed], [MCAFEE | +10: passed], [SURRIEL | +10: passed], [ZEN10 | +10: passed], [ZEN11 | +10: passed], [ZEN2 | +10: passed], [ZEN3 | +10: passed], [ZEN4 | +10: passed], [ZEN5 | +10: passed], [ZEN6 | +10: passed], [ZEN7 | +10: passed], [ZEN9 | +10: passed], [_REVERSEDNSLOOKUP: passed], [_SPF: None], [_DK: None], [_DKIM: None], [BACKSCATTER | +4: passed], [BARRACUDA | +10: passed], [BONDEDSENDER | -15: passed], [CBL | +6: passed], [HOSTKARMA-YELLOW | -2: passed], [IADB | -10: passed], [IX | +5: passed], [MAILSPIKE-H1 | -1: passed], [MAILSPIKE-H2 | -2: passed], [MAILSPIKE-H3 | -3: passed], [MAILSPIKE-H4 | -4: passed], [MAILSPIKE-H5 | -5: passed], [MAILSPIKE-L1 | +4: passed], [MAILSPIKE-L2 | +6: passed], [MAILSPIKE-L3 | +8: passed], [MSRBL | +6: passed], [SEM-BL | +7: passed], [SEM-BS | +5: passed], [SENDERSCORE | +5: passed], [SORBS-DUL | +5: passed], [SORBS-NEW | +3: failed], [SORBS-NOMAIL | +10: passed], [SORBS-RECENT | +3: failed], [SPAMCOP | +10: passed], [SPAMRATS | +4: passed], [SURBL128 | +15: passed], [SURBL16 | +15: passed], [SURBL64 | +15: passed], [SURBL8 | +15: passed], [UBL | +4: passed], [UCEPROTECT-1 | +4: passed], [UCEPROTECT-2 | +2: passed], [UCEPROTECT-3 | +2: passed], [URIBL-BLACK | +20: failed], [URIBL-GREY | +5: passed], [URIBL-RED | +5: passed]
and
[2019.07.05] 01:29:01 [63213] Spam check results: [GBUDB | +30: passed], [HOSTKARMA-BLACK | +10: passed], [MAILSPIKE-L4 | +10: passed], [MAILSPIKE-L5 | +15: passed], [MCAFEE | +10: passed], [SURRIEL | +10: passed], [ZEN10 | +10: passed], [ZEN11 | +10: passed], [ZEN2 | +10: passed], [ZEN3 | +10: failed], [ZEN4 | +10: passed], [ZEN5 | +10: passed], [ZEN6 | +10: passed], [ZEN7 | +10: passed], [ZEN9 | +10: passed], [_REVERSEDNSLOOKUP: passed], [_SPF: None], [_DK: None], [_DKIM: None], [BACKSCATTER | +4: passed], [BARRACUDA | +10: passed], [BONDEDSENDER | -15: passed], [CBL | +6: passed], [HOSTKARMA-YELLOW | -2: passed], [IADB | -10: passed], [IX | +5: passed], [MAILSPIKE-H1 | -1: passed], [MAILSPIKE-H2 | -2: passed], [MAILSPIKE-H3 | -3: passed], [MAILSPIKE-H4 | -4: passed], [MAILSPIKE-H5 | -5: passed], [MAILSPIKE-L1 | +4: passed], [MAILSPIKE-L2 | +6: passed], [MAILSPIKE-L3 | +8: passed], [MSRBL | +6: passed], [SEM-BL | +7: passed], [SEM-BS | +5: passed], [SENDERSCORE | +5: passed], [SORBS-DUL | +5: passed], [SORBS-NEW | +3: failed], [SORBS-NOMAIL | +10: passed], [SORBS-RECENT | +3: failed], [SPAMCOP | +10: passed], [SPAMRATS | +4: passed], [SURBL128 | +15: passed], [SURBL16 | +15: passed], [SURBL64 | +15: passed], [SURBL8 | +15: passed], [UBL | +4: passed], [UCEPROTECT-1 | +4: passed], [UCEPROTECT-2 | +2: passed], [UCEPROTECT-3 | +2: passed], [URIBL-BLACK | +20: passed], [URIBL-GREY | +5: passed], [URIBL-RED | +5: passed]
So, what could be the possible reasons for this to occur ?
I have some answers in my head to the above question, but dont want to 'pollute' the thread with these just incase I end up misguiding someone.
And of course, the means to troubleshoot this (as per my own question), is to understand what the possible causes to this may be.
Hope to hear back from someone ...............