This article provides troubleshooting steps to follow when PureMessage for Microsoft Exchange fails to block spam.
In the PureMessage console, work through each of the following in turn, clicking on the appropriate item in the left hand panel as indicated.
- Verify that you have the anti-spam option:
Click 'Transport (SMTP) scanning policy'. Check whether there is an option 'Anti-Spam'. If this is not present, only the Anti-Virus version of PureMessage is installed.
- Check to see if there are inbound messages:
Click 'Activity Monitor'. In the Activity monitor window, check to see if any messages are listed as 'Inbound'. Only messages marked as inbound are scanned for spam content. If messages appear in other columns they are not being scanned for spam.
- Check that the spam rules are up-to-date:
Click 'Help and Information'. Check that the spam rules are up-to-date by scrolling down through Product Information to 'Spam data version'. This should contain today's date, in the format yyyy.mm.dd.xxxxx where xxxxx is the Sophos internal revision number.
- Check that all the domains that route mail through this system are known to PureMessage:
Click Configuration|System, then select Routing. Verify that all of your company's domain names are listed in the 'Mail Domains' list,
otherwise all your email will be considered as outbound and, by design, not scanned for spam content.
- Mail Domains should be the internet facing portion of the email account name (e.g. yahoo.com, example.org, or similar).
- Note: domain.local is not a valid internet domain for mail, nor are any other Active Directory only domains, which cannot receive mail from the internet.
- If you use a hosted email solution or if your email is forwarded to a different email address, make sure you include both of these addresses in the 'Mail Domains' box. For example, if firstname.lastname@example.org is then forwarded by a remote server on to email@example.com you will then need to add domain.com and domain.subdomain.com to the Mail Domains list.
- Check that all upstream mail servers which may be forwarding mail to this system are listed:
In the Routing dialog box, click 'Upstream (Trusted) Relays'.
If you have a frontend (gateway) server or firewall that changes the IP address of where messages appear to be coming from, these must appear in this list for PureMessage to accurately scan messages and determine routing.
- If you are unsure if you have a relay, please view the source of an inbound email (sometimes called the headers).
- Look through the headers for a reference to local IP addresses. These will usually be your relay servers.