Skip navigation
McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams
872 Views 2 Replies Latest reply: Jan 24, 2013 12:19 PM by runcmd RSS
runcmd Apprentice 221 posts since
Feb 22, 2006
Currently Being Moderated

Jan 24, 2013 8:22 AM

End User Whitelist and Marketing Emails

Our end user whitelist configuration is by email address and not domain.  Users have been complaining that whitelisting isn't working.  When I researched this issue, whitelisting is actually working just fine.  The most common two causes of whitelist entries "not working" are (1) the sending mail server provides two different local addresses in the transmission process (one for the SMTP connection and another in the envelope) and/or (2) they use a randomly generated character set as a prefix or suffix on the local portion of the email address.  If you look at the sender of an email listed the quarantine release notification, it may look something like 34a29f33e9d_Bob@WhateverDomainSendingMail.com.  When our end user submits the whitelist request on a quarantined message, it's for the randomly generated address.  Then the next message from the same sender, with a different set of randomly generated characters, will be quarantined.  Has anyone else encountered this?  I don't want to change the whitelist configuration to whitelist by domain.  Is there a valid reason that senders do this?  I'm assuming it's somehow used by a marketing department for message tracking but can't figure out how it would be used.  Any information on why message senders would do this and how to work around it would be greatly appreciated.  Thanks!

 

Message was edited by: runcmd on 1/24/13 9:22:08 AM EST

---
Start/RunCMD...
C:\>
ePO v4.5 / MA v4.6.0 / VSE v8.8, P1 / Engine v5400
MEG (IronMail) v7.6-2810
  • ijahnke McAfee Employee 118 posts since
    May 12, 2010
    Currently Being Moderated
    1. Jan 24, 2013 10:51 AM (in response to runcmd)
    Re: End User Whitelist and Marketing Emails

    Its typically caused by some sort of auto-mailer, when this occurs you will have to whitelist its IP address because we do not allow whitelisting based off the 822 address.

More Like This

  • Retrieving data ...

Bookmarked By (0)

Legend

  • Correct Answers - 5 points
  • Helpful Answers - 3 points