Trusted Sender (System) - Possibly Broken / Needs Tweaking
Problem reported by John Marx - 10/30/2020 at 9:06 AM
Okay, here are the details:

  • Message received from a domain we still receive to (jm2.biz)
  • Rarely do we ever get anything but we used it back in 2013/2014 and is definitely one of our alternate domains we have
  • System says "Trusted Sender (System)"
  • Yet, when you look at the Return-Path, Received: from, DKIM-Signature, Received: by, etc. you can easily tell that it's not originated from the system.

Going further it does "look" like it is legit where I sent it from myself to myself. 

My conclusion, and why I say it is needs fixed, is it is just looking at the From: john@... email domain and determining it is "Trusted Sender (System)". This is not the case. If this is truly from the domain then the backend information needs to match or be marked as "Potentially Phishing Attempt" or something similar.

Am I missing what "Trusted" is or is the system needing a refinement.

Reply to Thread