Problem with sending email to smtp mail server from network with poor reputation.

Unanswered Question
May 22nd, 2009

I'm trying to configure spam blocker. Unfortunetly when sending mail from my home network (tcpnet.pl) and trying to get access to my mail server I get message.

Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.

I know that my provider is very well known as a spam sender, But I just want to use my mail server to send messages. Spam blocker catch all incoming messages to my mail server at port 25 ( include messages that have to be relaied at mail server) and dropped messages when came from my home provider.

How can I reconfigure spam blocker to accept message with defined senders even if senders network is blacklisted.

(sorry for my english, hope you understand what i was trying to descript.)

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jhogue Fri, 05/22/2009 - 10:38

Hi there,

I completely understand what you're asking about! I believe you can use an incoming mail policy to achieve the desired result. You should be able to configure your home email address as a sender and permit all messages (spam positive or spam suspect) to be delivered regardless of the reputation score of the sending MTA.

Let me know if that doesn't help,

Jonathan

krzysztof.labiak Wed, 05/27/2009 - 16:46

Hi,

Thanks for answer. Unfortunately adding e-mail address as a sender in mail policy doesn't help. I think that the first criterion to recognize unwanted messages are rules in SenderBase algorythm. If SenderBase recognize message as a spam, the Cisco Blocker doesn't get additional policy from Incoming Mail Polices. My problem is partly resolved by adding New Mail Flow Policy with parameter "Use SenderBase for Flow Control" set to off and add new Sender Group in HAT Overview with Sender List: .tpnet.pl. Messages send from my home network are relied property, but unfortunately some spam too (Iron-Port Antispam sometimes is not so good as SenderBase). Additional problem can appear users, who want to send e-mail via SMTP from other networks with low reputation score (not tpsa). All I wanted was to make a rule to disable SenderBase (not IronPort Anti-Spam) scanning, when mail comes from users with address @mydomain.pl. Hope it is possible in Cisco blocker.

Thanks for any suggestions.

Kris.

adam.barker Tue, 06/02/2009 - 07:48

Kris

I wouldn't recommend turning senderbase off, as it the strongest engine within Ironport and also the most accurate.  To achieve your desired result, you should add the IP address of your mail server to the whitelist in the HAT table, however you should edit the associated "Trusted" mail flow policy and enable spam detection within this policy.

You'll still have senderbase enabled, though your whitelisted addresses will bypass senderbase and then be checked by Ironport spam engines.

Let me know if that makes sense.

Regards

Adam

Your target is easy to achive if you are using a permanent IP address: Put a Whitelist in your HAT and configure the Mailflow Policy not to check the SBRS (SBRS none). The MFP will match based on the SBRS or the Sender Address. Therefore, you have to list your IP-Address in the Sender Address Filed. If you put this MFP on Top of all your other MFP this configuration will work.

This does not turn off SBRS check for all senders. Only for those who have a match in your Whitelist.

Edgar

Actions

This Discussion