Incoming Gateways Having Spam Score Skipped
Problem reported by Scarab - 11/17/2020 at 11:52 AM
Upgraded from SmarterMail Enterprise Build 7523 to Build 7619 middle of last week so being quite a few versions behind we're not entirely sure when this issue was introduced in between, but if you have Incoming SmartHost Gateways that are doing all the Anti-spam tests the score is no longer being picked up by SmarterMail. Instead we get "Spam Checks skipped: IP Spam Bypassed" on all inbound messages from these Incoming SmarterMail Gateways.

In SETTINGS > ANTISPAM > IP BYPASSES disabling the setting BYPASS SPAM CHECKS for the IPs of our Incoming Gateways resolves the issue with "Spam Checks skipped: IP Spam Bypassed"...but it wasn't always this way, and is a recent change as we have had this setting enabled for our Incoming Gateways for years. I believe we had it set this way as some Incoming Gateways (such as our SmartHost Gateways) were running Anti-Spam tests but other Incoming Gateways (such as GSuite) were not. This allowed SmarterMail to know whether to accept the X-SmarterMail-SmartHostSpamWeight and skip further tests or to run Antispam checks of it's own. Somewhere after Build 7619 it won't acknowledge the X-SmarterMail-SmartHostSpamWeight: if the setting BYPASS SPAM CHECKS is enabled.

2 Replies

Reply to Thread
Scarab Replied
Here is an example of the headers when BYPASS SPAM CHECKS is enabled:

X-RBL-Warning: WEIGHT10: Weight of 27 reaches or exceeds the limit of 10.
X-RBL-Warning: WEIGHT20: Weight of 27 reaches or exceeds the limit of 20.
X-Declude-Scan: Outgoing Score [27] at 09:18:59 on 17 Nov 2020
X-SmarterMail-SmartHostSpam: Reverse DNS Lookup [Passed]: 0, Null Sender: 0, ISpamAssassin [raw:4]: 6, SPF [Pass]: 0, DKIM [Pass]: 0, BONDEDSENDER: -15, HOSTKARMA - Yellowlist: 3, MAILSPIKE-WL: -5, Declude: 27
X-SmarterMail-SmartHostSpamWeight: 16
X-SmarterMail-SmartHostSpamSalt: 1327452019
X-SmarterMail-SmartHostSpamKey: 1763337710
X-SmarterMail-TotalSpamWeight: 0 (IP Spam Bypassed) 
Sébastien Riccio Replied
Hi Scarab,

I had a kinda similar problem because there is two place to define antispam bypass and one of them wasn't working until a silent fix was introduced in recent build (but not announced in it's changelog).

We had added by mistake the IP address of our incoming gateway in one of the spam check skip configuration but it wasn't affecting us until this fix, because it wasn't taken into and now it is...

I opened a thread about this is more a monologue as I got no answer and found out myself the culprit.

Kind regards.

Sébastien Riccio System & Network Admin https://swisscenter.com

Reply to Thread