Solved

Can't tell what device/program is tagging our email as spam

Posted on 2013-07-02
6
710 Views
Last Modified: 2013-11-22
Hello,

We are using a Watchguard Firebox.  We are also using an exchange 2007 server.

Anti-spam is all disabled on the exchange server.

Our watchguard has a whitelist and if a domain is in the whitelist, the email should pass through untagged.

However, a lot of email is tagged [!!Spam] or [!!Blacklisted]

I am not sure what is adding those tags.  Looks like it is not Exchange and the firebox literature says it uses different tags.  Also, when I look at the specific email that is in the whitelist, the log says it is to pass through due to whitelist status.

We are also runnig Kapersky anti-virus.  

Can't figure out what is adding these tags...

THanks,
Bonnie
0
Comment
Question by:Bonnie_K
  • 3
  • 3
6 Comments
 
LVL 25

Expert Comment

by:Zephyr ICT
ID: 39293074
Do you have an example mail header that includes these tags?
0
 

Author Comment

by:Bonnie_K
ID: 39293082
Yes -

Received: from server1.keene-kelly.local (89.242.6.252) by
 remote.ourdomain.com (192.168.1.3) with Microsoft SMTP Server id
 8.1.240.5; Wed, 3 Apr 2013 23:58:12 -0400
Received: from User ([69.198.53.210]) by server1.keene-kelly.local with
 Microsoft SMTPSVC(6.0.3790.4675);       Thu, 28 Mar 2013 13:38:53 +0000
Reply-To: <barrister_e_f@yahoo.com.hk>
From: Jeff <barrister_edwards_jeff@yahoo.com.hk>
Subject: [!!Spam]The Charity Project
Date: Thu, 28 Mar 2013 08:23:10 -0500
MIME-Version: 1.0
Content-Type: text/plain; charset="Windows-1251"
Content-Transfer-Encoding: 7bit
X-Mailer: Microsoft Outlook Express 6.00.2600.0000
BCC:
Message-ID: <SERVER11JXDvCeqTPca0000164f@server1.keene-kelly.local>
X-WatchGuard-IPS: message checked
X-WatchGuard-Spam-ID: str=0001.0A020203.515CFA55.0014,ss=1,fgs=0
X-WatchGuard-Spam-Score: 0, clean; 0, no virus
X-WatchGuard-Mail-Client-IP: 89.242.6.252
X-WatchGuard-Mail-From: barrister_edwards_jeff@yahoo.com.hk
X-WatchGuard-AntiVirus: part scanned. clean action=allow
Return-Path: barrister_edwards_jeff@yahoo.com.hk
X-MS-Exchange-Organization-SCL: 9
X-KSE-AntiSpam-Interceptor-Info: scan successful
X-KSE-AntiSpam-Version: 4.3.6, 4/4/2013 11:46:08 AM
X-KSE-AntiSpam-Status: Spam
X-KSE-AntiSpam-Method: content [main]
X-KSE-AntiSpam-Rate: 100
X-KSE-AntiSpam-Info: Profiles 44545 [Apr 04 2013]
X-KSE-AntiSpam-Info: Version: 4.3.6 (May 28 2010 16:29:44)
X-KSE-AntiSpam-Info: Envelope from: barrister_edwards_jeff@yahoo.com.hk
X-KSE-AntiSpam-Info: Plgs-Versions: 1.4.3.5, 2.4.3.6, 3.4.3.3, 4.4.3.3,
 8.4.3.3, 16.4.3.6
X-KSE-AntiSpam-Info: {MSGID: Forged Outlook Express}
X-KSE-AntiSpam-Info: {OE without X-MimeOLE}
X-KSE-AntiSpam-Info: {Advanced Mass Sender X-Mailer}
X-KSE-AntiSpam-Info: {Content: Spam}
X-KSE-AntiSpam-Info: Rate: 100
X-KSE-AntiSpam-Info: Status: spam
X-KSE-AntiSpam-Info: Method: content [main]
X-KSE-AntiSpam-Info: DBG v.5. 2910, 1658. R:128,1,128,5,128,128,2,128,0.
X-KSE-Antivirus-Interceptor-Info: scan successful
X-KSE-Antivirus-Info: Clean
0
 
LVL 25

Accepted Solution

by:
Zephyr ICT earned 500 total points
ID: 39293085
X-KSE-AntiSpam = Kaspersky Antispam, so that's probably your culprit ...
0
How Do You Stack Up Against Your Peers?

With today’s modern enterprise so dependent on digital infrastructures, the impact of major incidents has increased dramatically. Grab the report now to gain insight into how your organization ranks against your peers and learn best-in-class strategies to resolve incidents.

 

Author Comment

by:Bonnie_K
ID: 39293121
OK - we only have Kapersky AV installed and I don't see any Kapersky plug-in in outlook.  So I am confused, but now I know where to look.
0
 

Author Comment

by:Bonnie_K
ID: 39293130
I just found that someone installed Kapersky Security for MS exchange servers on the exchange server - so yes it is Kapersky - Thanks again for showing me that the headers give this info.

-Bonnie
0
 
LVL 25

Expert Comment

by:Zephyr ICT
ID: 39293208
No problem, glad you found the answer to your problem :-)
0

Featured Post

Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Outlook 2016 Email address in memory 6 51
IPAD - Send Email to Many Contacts 10 71
Adware on Android hooked into Chrome 6 46
Importing into Yahoo mail 3 73
Follow this checklist to learn more about the 15 things you should never include in an email signature from personal quotes, animated gifs and out-of-date marketing content.
Find out what Office 365 Transport Rules are, how they work and their limitations managing Office 365 signatures.
Many of my clients call in with monstrous Gmail overloading issues with Outlook. A quick tip is to turn off the All Mail and Important folders from synching. Here is a quick video I made to show you how to turn off these and other folders in Gmail s…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question