09-24-2017 11:07 PM - edited 03-08-2019 07:24 PM
I'm running my own mail server on the domain: hexspoor.online. Unfortunately, I'm suddenly experiencing delivery problems whenever I try to send mail to organizations that use IronPort. My logs indicate that the messages are sent and accepted, but they are never delivered to the mailbox of the recipient.
I'm not experiencing any problems when sending to GMail, Hotmail or AOL addresses; the headers of messages sent to them indicate my SPF, DKIM, DMARC and PTR are set up fine.
I had the same issue last year. After a 10-week discussion from December to March, the Cisco employee agreed to fine-tune the detection parameters, which solved the problem.
However the problem is back again, starting somewhere around the 15th of September this year. Excuse me for not continuing on the original post, I tried one week ago but did not receive any response. Please create a lasting solution to solve my issue.
Regards,
Willem
09-25-2017 02:18 AM
Hi Willem,
It looks like I missed your update on the old post.
I did not see any new submissions from your gmail address.
As the rules are dynamic the rules would have been updated based on submissions globally.
However, I can have them reviewed if there are new samples available.
Regards,
Libin Varghese
09-25-2017 12:39 PM
Hi Libin,
I did not submit a message recently. My problem is that I can't quarantine messages myself, since I don't own any Cisco products. Last time I had to contact an external consultant to quarantine a FP message submitted from my domain.
I understand that rules have to be dynamic. But to achieve a false-positive rate of less than one in a million, you can't ignore previous tuning improvements. I hope you understand it's very annoying for me to go through this procedure every once in a while, moreover because I'm not warned in advance. Let alone that I'm experiencing major delivery issues due to this.
Please create a permanent solution.
Best regards,
Willem
09-25-2017 04:52 PM
Willem,
The permanent solution as mentioned last time would be for the receiving domain to bypass anti-spam check for your domain.
As such, no permanent exceptions can be made for a domain to whitelist them completely by Cisco.
A sending domain is not the only criterion checked and hence cannot be used for an exception to allow all emails from a particular domain.
Regards,
Libin Varghese
10-05-2017 01:08 PM - edited 10-05-2017 01:10 PM
Libin,
I'm not asking to have my domain whitelisted, nor am I asking for any permanent exception. What I'm asking is to have mail sent from my domain judged for spam on content and not judged on TLD only.
How can Cisco decide that if a lot of spam comes from .online domains, then all .online domains send spam only?
As I wrote before, I'm using my domain to communicate with my employer, an insurance company, which has me insured and a hospital and many more. The messages, which are sent and 'dropped by CASE' are solicited, legal and desired by the receiving party. Furthermore the receiving iphmx.com servers accept them with a 250 SMTP response. How does Cisco explain, that they are marking legitimate messages as spam, while their servers respond to the sending server that everything is OK?
My current remedy is to attach a 1MB attachment with random content to messages that go through IronPort servers. So basically I'm sending gibberish to circumvent spam marking. How does Cisco explain this?
My final question: What's the use of ICANN issuing new TLDs, if one of the major networking hardware suppliers decides to bluntly mark mail from these domains as spam and renders these domains useless?
If Cisco's answer is that the TLD is not the only criterion, then it would be helpful if you sent me a private message to explain on what other criteria messages from my server are being marked as spam.
Best regards,
Willem Hexspoor
10-05-2017 06:10 PM
Willem,
The domain is not the only factor considered and Cisco would not be able to share proprietary information on what is being marked as spam in those emails.
For the rules used by the antispam engines there could be multiple triggers which are pushing it over a spam threshold score. Description of these rules and triggering content is for internal use only.
Again, if there are legitimate emails being caught by these rules then submitting the samples for analysis would be the only way to correct those rules since the rules keep updating dynamically. The rules triggered last time the issue occurred may not be the rules being triggered today.
As for the 250 okay message it confirms the sender IP does not have a poor email reputation at the time, it is a check different from the antispam scanning engine.
- Libin V