PureMessage for Microsoft Exchange: some users receive spam even though anti-spam policy is enabled

  • Article ID: 35590
  • Updated: 25 Aug 2011

Issue
Some users, including those with a Blackberry or other mobile device, continue to receive spam even though anti-spam policy is enabled. This happens to users for whom a forwarding address has been configured.

Sophos product and version
PureMessage for Microsoft Exchange 3.x

Operating system
Windows 2003 SP2

What to do

1. Follow these steps to confirm the cause of this issue:

  • Exchange 2000 or Exchange 2003
    1. Go to Active Directory Users and computers, and for a given user, select the user's properties.
    2. In the '<Username> properties' window, select the 'Exchange General' tab, and select 'Delivery options'.
    3. If you have configured a forwarding address which is in a remote domain, then this user will be experiencing the problem described above.
    4. Follow the procedure in section 2 below 'Add domain to forwarding address'.
  • Exchange 2007
    1. In the Exchange Management Console, go to Recipient Configuration|Mailbox.
    2. For a given user, select the user's properties.
    3. Select 'Mail Flow settings' | 'Delivery options'.
    4. If you have configured a forwarding address which is in a remote domain, then this user will be experiencing the problem described above.
    5. Follow the procedure in section 2 below 'Add domain to forwarding address'.

2. Add remote domain to the mail domains list:

Spam should be filtered at the edge server and mail forwarding rules should be applied on the hub transport server to avoid this problem. If you are unable to do this then add the remote domain to the mail domains list in PureMessage as follows:

  1. Open the PureMessage Console and go to Configuration|System|Routing.
  2. In the Mail Domains section, add the remote domain for the forwarded email identified in part 1,
  3. Save the changes.

Technical Information
The PureMessage anti-spam policy only scans inbound email as classified in Appendix C: How does PureMessage route mail? of the PureMessage for Microsoft Exchange Startup Guide. By default PureMessage classifies messages that are auto-forwarded to a remote domain, as outbound, meaning they are not scanned for spam.  Adding the remote domain(s) means that they are now treated as inbound mail and scanned as such.

This issue may also be seen in the journal mailbox. Refer to the knowledgebase article PureMessage for Microsoft Exchange: spam arrives in the journal mail box even though anti-spam policy is enabled.
Note that applying autoforwarding can also lead to duplication of emails. See the knowledgebase article PureMessage for Microsoft Exchange: Blackberry users receive duplicate emails.


 
If you need more information or guidance, then please contact technical support.

Rate this article

Very poor Excellent

Comments