Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Antispam processing Bitdefender scores (Mail is flagged as spam when it should not be)

Messages: 17
Karma: -2
Send a private message to this user
Hi All

I cannot figure out what I need to do. I have a server in one DC that sends email to our clients on a kerio server in another DC.

I am trying to debug why those emails are all being flagged as SPAM when they should not be.

An example of the header shows that it is the external BitDefender adding a heap of points that is pushing the spam score up but I do not know why or how to find out why.

X-Kerio-Anti-Spam:  Build: [Engines:, Stamp: 3], Multi: [Enabled, t: (0.000010,0.014787)], BW: [Enabled, t: (0.000011,0.000001)], RTDA: [Enabled, t: (0.410990), Hit: Yes, Details: v2.4.0; Id: 1vg0001.1b3gt7l7k.1ap; ip(1)], total: 847(700)
X-Spam-Status: Yes, hits=6.0 required=4.7
	tests=KERIO_ANTI_SPAM: 4.000, HTML_IMAGE_ONLY_08: 0.645, HTML_MESSAGE: 0.001,
	MPART_ALT_DIFF: 1.362, T_OBFU_PDF_ATTACH: 0.01, TOTAL_SCORE: 6.018,autolearn=disabled

Do I need to create a custom rule to negate the score added by BitDefender?

I have added the sending server to the Kerio Whitelist, I lowered the KAS rating to Moderate, but still getting the same score.

Assistance please. Recommendations on using BitDefender vs Spam Assassin (I am tempted to disable KAS and just use SpamAssassin)



Pavel Dobry (Kerio)

Messages: 5186
Karma: 245
Send a private message to this user
If you are using a front-end SMTP server that forwards all emails (including spams) to a destination server with Kerio Anti-Spam then cloud service could detect that front-end server as a spamming IP address and put to a blacklis. Which most likely happened there.
We are working closely with Bitdefender for creating a whitelist setting. Until then it is not recommended to use Kerio Anti-Spam behind a front-end that passes spam emails.

Knowledge Base:
Technical support:
Stay Connected Anytime, Anywhere. Discover Kerio Cloud!

Messages: 17
Karma: -2
Send a private message to this user

The kerio server is one of many server services that we provide.

There is no front end server. It is simply another server sending email to our kerio server. I just happen to manage both.

Having configured the non-kerio server ip address in the whitelist of kerio servers i would expect that mail would be accepted, but it is still being rated as spam and blocked.

Yes there is a lot of email, but that includes a lot of logging messages from other servers.

I will turn off bitdefender for now and see what happens.



Previous Topic: Per user SPAM black list
Next Topic: Restrict outgoing email to local IP and device ID
Goto Forum:

Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Mar 27 22:21:02 CEST 2017

Total time taken to generate the page: 0.00398 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.