01-28-2013 07:27 AM
Hi All,
Earlier today our users received an email from Venngo.com which was quarantined by IronPort as suspected spam. We had a similar issue in July 2012 after which Venngo.com was whitelisted and since then all emails were being delivered without any issues except for the one today.
Need assistance to identify what caused the message to be quarantined despite of the domain being whitelisted.
Cisco IronPort C160 Product Information
Model: C160
Operating System: 7.5.1-028
Build Date: 07 Nov 2011 00:00 (GMT -05:00)
Install Date: 30 Dec 2011 18:42 (GMT -05:00)
Thanks!
02-05-2013 04:21 AM
Hi Evan,
I'd assume that Anti-Spam scanning is enabled on your (TRUSTED) mail flow policy applied to the WITHELIST sendergroup. So check your mail flow policy applied on the WITHELIST and disable AS.
Best regards,
Enrico
02-05-2013 06:01 AM
Hi Enrico,
I will give this a shot. Thanks for the insight! Much appreciated.
Best Regards,
Evan
02-06-2013 08:58 AM
Hi Evan,
I had the same issue. In my case the problem was related to reverse DNS lookup. If an email server hosts multiple domains and reverse lookup points to a different one, your whitelist entry doesn't make sense. You can check that by analysing the email header. The sending domain server can be different to the visible domain in the address field. So my solution was to whitelist IP of the sending emsil server rather than domain.
I hope this advice will be usefull for anyone having this problem.
Regards
Mariusz
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide