Solved

Can't tell what device/program is tagging our email as spam

Posted on 2013-07-02
6
711 Views
Last Modified: 2013-11-22
Hello,

We are using a Watchguard Firebox.  We are also using an exchange 2007 server.

Anti-spam is all disabled on the exchange server.

Our watchguard has a whitelist and if a domain is in the whitelist, the email should pass through untagged.

However, a lot of email is tagged [!!Spam] or [!!Blacklisted]

I am not sure what is adding those tags.  Looks like it is not Exchange and the firebox literature says it uses different tags.  Also, when I look at the specific email that is in the whitelist, the log says it is to pass through due to whitelist status.

We are also runnig Kapersky anti-virus.  

Can't figure out what is adding these tags...

THanks,
Bonnie
0
Comment
Question by:Bonnie_K
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3
6 Comments
 
LVL 25

Expert Comment

by:Zephyr ICT
ID: 39293074
Do you have an example mail header that includes these tags?
0
 

Author Comment

by:Bonnie_K
ID: 39293082
Yes -

Received: from server1.keene-kelly.local (89.242.6.252) by
 remote.ourdomain.com (192.168.1.3) with Microsoft SMTP Server id
 8.1.240.5; Wed, 3 Apr 2013 23:58:12 -0400
Received: from User ([69.198.53.210]) by server1.keene-kelly.local with
 Microsoft SMTPSVC(6.0.3790.4675);       Thu, 28 Mar 2013 13:38:53 +0000
Reply-To: <barrister_e_f@yahoo.com.hk>
From: Jeff <barrister_edwards_jeff@yahoo.com.hk>
Subject: [!!Spam]The Charity Project
Date: Thu, 28 Mar 2013 08:23:10 -0500
MIME-Version: 1.0
Content-Type: text/plain; charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
BCC:
Message-ID: <SERVER11JXDvCeqTPca0000164f@server1.keene-kelly.local>
X-WatchGuard-IPS: message checked
X-WatchGuard-Spam-ID: str=0001.0A020203.515CFA55.0014,ss=1,fgs=0
X-WatchGuard-Spam-Score: 0, clean; 0, no virus
X-WatchGuard-Mail-Client-IP: 89.242.6.252
X-WatchGuard-Mail-From: barrister_edwards_jeff@yahoo.com.hk
X-WatchGuard-AntiVirus: part scanned. clean action=allow
Return-Path: barrister_edwards_jeff@yahoo.com.hk
X-MS-Exchange-Organization-SCL: 9
X-KSE-AntiSpam-Interceptor-Info: scan successful
X-KSE-AntiSpam-Version: 4.3.6, 4/4/2013 11:46:08 AM
X-KSE-AntiSpam-Status: Spam
X-KSE-AntiSpam-Method: content [main]
X-KSE-AntiSpam-Rate: 100
X-KSE-AntiSpam-Info: Profiles 44545 [Apr 04 2013]
X-KSE-AntiSpam-Info: Version: 4.3.6 (May 28 2010 16:29:44)
X-KSE-AntiSpam-Info: Envelope from: barrister_edwards_jeff@yahoo.com.hk
X-KSE-AntiSpam-Info: Plgs-Versions: 1.4.3.5, 2.4.3.6, 3.4.3.3, 4.4.3.3,
 8.4.3.3, 16.4.3.6
X-KSE-AntiSpam-Info: {MSGID: Forged Outlook Express}
X-KSE-AntiSpam-Info: {OE without X-MimeOLE}
X-KSE-AntiSpam-Info: {Advanced Mass Sender X-Mailer}
X-KSE-AntiSpam-Info: {Content: Spam}
X-KSE-AntiSpam-Info: Rate: 100
X-KSE-AntiSpam-Info: Status: spam
X-KSE-AntiSpam-Info: Method: content [main]
X-KSE-AntiSpam-Info: DBG v.5. 2910, 1658. R:128,1,128,5,128,128,2,128,0.
X-KSE-Antivirus-Interceptor-Info: scan successful
X-KSE-Antivirus-Info: Clean
0
 
LVL 25

Accepted Solution

by:
Zephyr ICT earned 500 total points
ID: 39293085
X-KSE-AntiSpam = Kaspersky Antispam, so that's probably your culprit ...
0
PeopleSoft Has Never Been Easier

PeopleSoft Adoption Made Smooth & Simple!

On-The-Job Training Is made Intuitive & Easy With WalkMe's On-Screen Guidance Tool.  Claim Your Free WalkMe Account Now

 

Author Comment

by:Bonnie_K
ID: 39293121
OK - we only have Kapersky AV installed and I don't see any Kapersky plug-in in outlook.  So I am confused, but now I know where to look.
0
 

Author Comment

by:Bonnie_K
ID: 39293130
I just found that someone installed Kapersky Security for MS exchange servers on the exchange server - so yes it is Kapersky - Thanks again for showing me that the headers give this info.

-Bonnie
0
 
LVL 25

Expert Comment

by:Zephyr ICT
ID: 39293208
No problem, glad you found the answer to your problem :-)
0

Featured Post

Turn Insights Into Action

You’ve already invested in ITSM tools, chat applications, automation utilities, and more. Fortify these solutions with intelligent communications so you can drive business processes forward.

With xMatters, you'll never miss a beat.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Read this checklist to learn more about the 15 things you should never include in an email signature.
This article investigates the question of whether a computer can really be cleaned once it has been infected, and what the best ways of cleaning a computer might be (in this author's opinion).
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

717 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question