Showing results for 
Search instead for 
Did you mean: 
Level 7

Unsure if some messages are being filtered

There are quite a few spam messages getting through that don't include the "X-Spam" line in the headers, so I was hoping someone could take a look and let me know if it actually went through the McAfee system or not. Our firewall is locked down to McAfee's IP addresses and you can see that it was received through their servers, but according to McAfee's KB article it must contain the X-Spam line or else something is wrong. That part has me a bit confused, so any help would be appreciated.


Received: from ( by

(InternalIP) with Microsoft SMTP Server (TLS) id 14.2.347.0; Fri, 11 Apr

2014 07:30:31 -0500

Received: from unknown [SpammySendersIP]          by          with SMTP id (envelope-from

<>);          Fri, 11 Apr 2014 06:30:30 -0600 (MDT)

From: =?utf-8?B?RNGWc2NvdW50ZWQg0KLRlnJlcw==?= <>

To: My User <>

Subject: =?utf-8?B?zp1lZWQgzp1ldyDQotGWcmVzPyBHZXQg0KJoZSDQkmVzdCBEZWFscyBPbiBH?=


Thread-Topic: =?utf-8?B?zp1lZWQgzp1ldyDQotGWcmVzPyBHZXQg0KJoZSDQkmVzdCBEZWFscyBPbiBH?=


Thread-Index: AQHPVYHU5Oo11yF0VkiDPrfmBSd5gQ==

Date: Fri, 11 Apr 2014 12:15:23 +0000

Message-ID: <>

Content-Language: en-US

X-MS-Exchange-Organization-AuthSource: MyInternalServer.local

X-MS-Has-Attach: yes


received-spf: SoftFail ( transitioning domain of does not designate SpammySendersIP as permitted sender)

x-mail-from: <>

Content-Type: multipart/related;



MIME-Version: 1.0

0 Kudos
1 Reply
Level 12

Re: Unsure if some messages are being filtered

Hi sfcanderson,

This received by line confirms the message went through the SaaS filter:          with SMTP id

Some servers can be configured to remove extreneous x- lines (I had a similar misconfiguration on my postfix server, and it took a while to figure out the issue).

0 Kudos