We have a primary mail server (MailEnable Professional) and a fallback/secondary mail server (MailEnable Standard). The fallback is smart hosted received emails to the primary server. The primary server hasn't whitelisted the fallback, and has the out-of-the-box anti-spam features enabled and configured.
We are facing a lot of SPAM that is on purpose delivered to the fallback, and then smart hosted to our primary server. Due to that smart host action, two Recieved headers are applicable, the first is our own fallback, the second is the source when the email entered the internet. See two examples below.
Example 1
Code: Select all
Received: from mail2.myowndomain.com ([22.22.22.x]) by myowndomain.com with MailEnable ESMTP; Tue, 25 Apr 2017 15:07:07
Received: from [194.225.232.45] ([194.225.232.140]) by myowndomain.com with MailEnable ESMTP; Tue, 25 Apr 2017 15:07:23
Received: (from apache@localhost) by odysseyexpeditions.com (8.14.7/8.14.7/Submit) id
Example 2
Code: Select all
Received: from mail2.myowndomain.com ([22.22.22.x]) by myowndomain.com with MailEnable ESMTP; Tue, 25 Apr 2017 13:31:02
Received: from [42.114.33.200] ([42.114.33.200]) by myowndomain.com with MailEnable ESMTP; Tue, 25 Apr 2017 13:31:16
Message-ID: <82C55AE34C1D7CF5B22D943B6A0B82C5@formosalogistics.com>
From: <sinairfreight@formosalogistics.com>
To:
It seems like the DNS Blacklisting feature is only challenging the blacklist with the first IP-address, in our case that of our own fallback mail server. That fallback is not on the blacklist so the email is accepted. But if you check the second (source / origin) IP address against the blacklist, you'll find that that IP is listed.
I suspect this is a bug, because I would expect that all public IP-addresses that are forming the path of a SMTP transaction need to be challenged against the DNS blacklist. Or at least conditionally based on a setting or something.
In case this isn't a feature, and that only the first received header IP is being blacklist challenged, what are my options to counter this spam that flows in via the fallback? And yes, I'm aware that the fallback should counter this spam in the first place
