Legit Email Being Moved to User Junk Folder (Network Steve Forum)

Legit Email Being Moved to User Junk Folder

I am not sure if this is the correct forum to ask this or not. So if this needs to be moved, would a moderator please move it.

What we have is a user is seeing certain email from the internet being placed into the user junk folder. The user uses the OWA not outlook. Our setup is exchange 2013 SP1 with a 2 member DAG. We do use Mcafee's Security for Exchange but when the headers of the legit email are viewed, Mcafee's Security does NOT scan it AND Mcafee Security is NOT set to deliver SPAM to the user junk folder. We have the malware option of Exchange disabled. The scanned header part of the legit email says it uses spamassassin. Here is the full header with sensitive info removed:

Message-ID: <5485A948.7050303@david-woolley.me.uk>
Date: Mon, 8 Dec 2014 13:36:08 +0000
From: David Woolley 
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
 rv:31.0) Gecko/20100101 Icedove/31.2.0
MIME-Version: 1.0
To: Duncan Anderson <support@pidgin.im>
Subject: Re: cant access Pidgin
References: <00dd01d012ea$d049d050$70dd70f0$@hiroseuk.com>
In-Reply-To: <00dd01d012ea$d049d050$70dd70f0$@hiroseuk.com>
Precedence: list
Reply-To: <support@pidgin.im>
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain; charset="windows-1252"; format=flowed
Errors-To: support-bounces@pidgin.im
Sender: Support <support-bounces@pidgin.im>
X-MS-Exchange-Organization-Network-Message-Id: long-alphanumeric-number
X-MS-Exchange-Organization-AuthSource: 2ndDAGmember.domain.com
X-MS-Exchange-Organization-AuthAs: Anonymous

There aren't any rules on the exchange server. Does exchange do any form of spam scanning?
We do not have an edge server.

Edited by forgiven Monday, December 08, 2014 4:19 PM

December 8th, 2014 5:54pm

Hi,

According to your posting, I noticed that there are two third-party value in the message header:

X-Pidgin-SpamProbe: GOOD 0.0000010 9a9e88a5e77c0f07e773e841e70ec91b

X-Pidgin-Spam-Flag: Clean

Generally, we can use the X-MS-Exchange-Organization-SCL value in message header to check whether the message is spam message in Exchange environment. I am not familiar with the X-Pidgin-Spam-Flag value which may be a value for a third-party spam filter. For more information about SCL in Exchange server, please refer to:

http://technet.microsoft.com/en-us/library/aa995744(v=exchg.150).aspx

If the issue only happens to a specific user and specific messages which are send from specific senders, we can add these senders in a Safe Sender list in your Anti-Spam program to have a try.

Free Windows Admin Tool Kit Click here and download it now

December 9th, 2014 11:59am

Hi,

According to your posting, I noticed that there are two third-party value in the message header:

X-Pidgin-SpamProbe: GOOD 0.0000010 9a9e88a5e77c0f07e773e841e70ec91b

X-Pidgin-Spam-Flag: Clean

Generally, we can use the X-MS-Exchange-Organization-SCL value in message header to check whether the message is spam message in Exchange environment. I am not familiar with the X-Pidgin-Spam-Flag value which may be a value for a third-party spam filter. For more information about SCL in Exchange server, please refer to:

http://technet.microsoft.com/en-us/library/aa995744(v=exchg.150).aspx

If the issue only happens to a specific user and specific messages which are send from specific senders, we can add these senders in a Safe Sender list in your Anti-Spam program to have a try.

Issue happens to only 1 user that I am aware of (no other user has compained about tis issue) and comes from many different senders. Can we turn off/disable exchange spam scanning without causing any damage or performance problems?

December 10th, 2014 9:52pm

This topic is archived. No further replies will be accepted.