Back to Community Threads
2
Inbound message delivery
Question asked by Sabatino - 2/16/2022 at 2:34 PM
Unanswered
I have some domains configured with active inbound message delivery

In practice mx of the domain is on my server, but if the user does not exist locally it is forwarded to another server

Everything works, but I have a big doubt.

If a message is sent to a non-existent user on both my server and the relay server, who responds? How.

I did a test and I understand that an smtp session with the forwarder is opened right away. if it replies that it does not exist, it is my server that gives a reply via smtp (no bounce) from an unknown user

The thing is beautiful. But when the message arrives to my server it must first pass the antispam checks, only then is forwarding to the other server tried.
It will take some time to do this.
In all this time the smtp session with the sending server remains open? Am I wrong?
Sabatino Traini
      Chief Information Officer
Genial s.r.l. 
Martinsicuro - Italy

4 Replies

Reply to Thread
0
Sabatino Replied
2/16/2022 at 2:44 PM
I answer myself

[2022.02.16] 22: 23: 15.995 [99750274] [Cyren Client] Done Scanning Message. MessagePath: D: \ SmarterMail \ Spool \ SubSpool1 \ 1339099750274.eml Results AV: Unknown, AS: Unknown
[2022.02.16] 22: 23: 15.995 [99750274] Spam Checks started.
[2022.02.16] 22: 23: 15.995 [99750274] Spam Checks skipped: No local recipients
[2022.02.16] 22: 23: 15.995 [99750274] Spam Checks completed.
[2022.02.16] 22: 23: 15.995 [99750274] Removed from SpamCheckQueue (0 queued or processing)
[2022.02.16] 22: 23: 18.761 [99750274] Added to RemoteDeliveryQueue (1 queued; 0/50 processing)


In practice, just apply cyren to him and skip spam checks

But at this point the doubt remains
What does it apply?
rbl and urirbl?
greylisting?
cyren what? Antivirus or antispam?
Antivirus?
Sabatino Traini Chief Information Officer Genial s.r.l. Martinsicuro - Italy
0
Matt Petty Replied
2/16/2022 at 4:43 PM
Employee Post
We always check emails for viruses even if they skip spam checks. Cyren might still classify it as spam but when we skip spam checks we ignore cyren's spam results. Just for completeness I'll list the other checks that still happen (if they are enabled) Cyren, Clam, Defender, and Command Line AV.
Matt Petty Software Developer SmarterTools Inc. (877) 357-6278 www.smartertools.com
0
Sabatino Replied
2/17/2022 at 2:41 AM
I'm sorry but it's not like that

Here is a log that proves it

I masked the real sender and recipient

Anyway

sender: mitt@mitt.xx

Recipient:

dest@domain.dest

mx of domain.dest my server

but Inbound message delivery another server for users not present on my server

on the other server

dest@domain.dest

does not exist

cyren client identified it as spam

and in fact it doesn't even try to see if it exists on the target server.
It quarantines me outbound spam


I'm okay with it like this. I just like knowing how it works



[2022.02.17] 09:35:39.005 [99752736] Delivery started for mitt@mitt.xx at 9:35:39 AM
[2022.02.17] 09:36:03.053 [99752736] Added to SpamCheckQueue (0 queued; 2/30 processing)
[2022.02.17] 09:36:03.053 [99752736] [SpamCheckQueue] Begin Processing.
[2022.02.17] 09:36:03.053 [99752736] Blocked Sender Checks started.
[2022.02.17] 09:36:03.240 [99752736] [Cyren Client] Start Scanning Message. Enabled Services: All, MailFrom: mitt@mitt.xx, SenderIP: 115.231.154.141, MessagePath: D:\SmarterMail\Spool\SubSpool4\1339099752736.eml
[2022.02.17] 09:36:03.569 [99752736] [Cyren Client] Done Scanning Message. MessagePath: D:\SmarterMail\Spool\SubSpool4\1339099752736.eml Results AV: Unknown, AS: Confirmed
[2022.02.17] 09:36:03.569 [99752736] Spam Checks started.
[2022.02.17] 09:36:03.569 [99752736] Spam Checks skipped: No local recipients
[2022.02.17] 09:36:03.569 [99752736] Spam Checks completed.
[2022.02.17] 09:36:03.569 [99752736] Removed from SpamCheckQueue (1 queued or processing)
[2022.02.17] 09:36:06.053 [99752736] Added to RemoteDeliveryQueue (1 queued; 0/50 processing)
[2022.02.17] 09:36:06.053 [99752736] [RemoteDeliveryQueue] Begin Processing.
[2022.02.17] 09:36:06.053 [99752736] Sending remote mail from mitt@mitt.xx
[2022.02.17] 09:36:06.865 [99752736] [Cyren Client] Start Scanning Message. Enabled Services: All, MailFrom: mitt@mitt.xx, SenderIP: 115.231.154.141, MessagePath: D:\SmarterMail\Spool\SubSpool4\1339099752736.eml
[2022.02.17] 09:36:07.194 [99752736] [Cyren Client] Done Scanning Message. MessagePath: D:\SmarterMail\Spool\SubSpool4\1339099752736.eml Results AV: Unknown, AS: Confirmed
[2022.02.17] 09:36:08.209 [99752736] Spam check results: [_INTERNALSPAMASSASSIN: 5:8], [_CYREN: 30,Confirmed], [_MESSAGESNIFFER: 30,code:60], [MCAFEE: 0,passed], [SPAMHAUS - CSS: 0,passed], [SEM-URI: 0,passed], [SURBL: 0,passed], [URIBL BLACK: 0,passed], [URIBL GREY: 0,passed], [URIBL RED: 0,passed]
[2022.02.17] 09:36:08.209 [99752736] Message flagged for Quarantine
[2022.02.17] 09:36:08.209 [99752736] This message cannot be delivered as it was marked as spam. Weight: 68
[2022.02.17] 09:36:08.209 [99752736] Process delivery status notification step from recipient success. Recipient: [dest@domain.dest], Notify: [], LastError: [550 This message cannot be delivered as it was marked as spam.], RanDomainFilter: [False], RanGlobalFilter: False
[2022.02.17] 09:36:08.209 [99752736] Delivery for mitt@mitt.xx to dest@domain.dest has completed (Bounced)
[2022.02.17] 09:36:08.209 [99752736] Removed from RemoteDeliveryQueue (0 queued or processing)
[2022.02.17] 09:36:09.100 [99752736] Removing Spool message: Killed: False, Failed: False, Finished: True
[2022.02.17] 09:36:09.100 [99752736] Delivery finished for mitt@mitt.xx at 9:36:09 AM    [id:1339099752736]
Sabatino Traini Chief Information Officer Genial s.r.l. Martinsicuro - Italy
0
Matt Petty Replied
2/17/2022 at 8:39 AM
Employee Post
I have a feeling what might be happening here is that the email is skipping inbound spam checks but the email going outbound is still scanned for outgoing spam. 

If that is what's happening here maybe some changes to the language used in the logs to better indicate the type of spam it detected.

"This message cannot be delivered as it was marked as spam."
Vs
"This message cannot be delivered as it was marked as outbound spam." Maybe?
Matt Petty Software Developer SmarterTools Inc. (877) 357-6278 www.smartertools.com
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Configure SmarterMail as a Free Gateway ServerSmarterMail > Server Configuration and Management
Messages to Yahoo! Emails are Temporarily DeferredSmarterMail > Troubleshooting
Cannot Receive Mail MessagesSmarterMail > Troubleshooting
Common Email Delivery ErrorsSmarterMail > Troubleshooting
What Does "Mailbox locked" in the Delivery Logs Mean?SmarterMail > Troubleshooting