Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

Internal user sending e-mail with MailChimp identified as Suspected SPAM

Just wondering what people do when they have e-mails detected as SPAM or Suspected SPAM from spam houses like Mail Chimp.  Is it effective to just report the false positive to

I started down the path of adding the sender to a policy that isn't scanned for SPAM, but they use a different sender address for every e-mail.  I think looked at adding their hosts to a different policy but they have a lot and I would like to still scan their e-mail in general.

Appreciate any input,


Cisco Employee

Internal user sending e-mail with MailChimp identified as Suspec

Hi Jason,

in general, it's good idea to submit false positives to In case your settings are to send suspected Spam and positive Spam into the Spam quarantine, you can enable the checkbox in the quarantine settings to submit messages automatically to Cisco once released. I would recommended to deliver suspected Spam messages in general to users and only send Spam messages into the quarantine. Suspected Spam is merely a grey zone which means that the messages flagged at that are mostly not Spam but share some common similarities with typical Spam messages.

If the Safelist/Blocklist feature is enabled users can add senders in the safelist to ensure mails are delivered to the inboxes. Otherwise you could add the domain name with a leading dot "" into the Withelist sendergroup or any other sendergroup that still does Anti-Spam scanning, but with throttling policy applied.

I hope this helps.

Best regards,


Late to the party, but I had

Late to the party, but I had a thought because I'm in the same boat...

If you're using SPF and/or DKIM and dropping failures, you could add Mailchimp's servers to your records, and then fail everyone else.

You may want to do that anyway to make sure your campaigns get delivered.


I'm going to try this and see how it goes.

CreatePlease to create content