I am not receiving any alerts from MSME.
When I set the SenderID of Exchange to "Stamp Message with Sender ID result and continuing processing" I starts to receive the alerts.
I noticed on AgentLog from Exchange this:
2013-05-20T18:58:28.918Z,08D01F1274445226,10.10.10.12:25,10.10.10.12:28731,10.10 .10.12,,firstname.lastname@example.org,email@example.com;,sup@mydomain,1, Sender Id Agent,OnEndOfHeaders,DeleteMessage,,Fail_NotPermitted,firstname.lastname@example.org,
Also looking at the Header of the Email I see:
Received: from server (10.10.10.12) by server.laranjeiras.com.br
(10.10.10.12) with Microsoft SMTP Server id 8.3.297.1; Mon, 20 May 2013
Date: Mon, 20 May 2013 15:48:31 -0300
X-Mailer: Microsoft CDO for Windows 2000
Subject: McAfee Security for Microsoft Exchange Alert
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.3790.4913
Received-SPF: Fail (server.domain.com.br: domain of
email@example.com does not designate 10.10.10.12 as permitted sender)
receiver=server.domain.com.br; client-ip=10.10.10.12; helo=server;
X-Auto-Response-Suppress: DR, OOF, AutoReply
Could you please help me with that? I think that it should be testing the SPF as it is internal..
when msme sends an alert it is sending an eml file to the receive connector or the pickup directory if the server is a hub. in both cases the email is going to be treated as external.
This entry doesn't seem related to topic above - this is not notification related this is a spam issue.
From the details it looks like the spam has been marked with the *****spam**** detail in the subject - but the rest of the header detail would need to be checked to see the total score of all the spam traits found.
Then you would have to know what the low score threshold (under which mail is treated as non-spam and allowed through) and then check the score based action which should have happened. - look at Gateway Policy - Antispam Settings.
(It would be good to know exact version details of MSME 7.6 (patches/rus/hfs) and E2007 exact version number).
Again would need to know the spam score on the mails (in the header of the mail items)
But looks like if the spam score is between 5 and 10 - its allowed through.
If the Spam score is above 10 and is not getting deleted ensure HKLM\Software\WOW6432Node\McAfee\MSME - Gateway = 1
(restart service if this needs changed)
Would strongly recommend to get Patch 1 and RU2 installed - these are both available on the McAfee Download Site and accessible with appropriate grant number.
Thanks for getting my post and use it for yourself with another discussion that is not related to my issue.
Could you please open a new Discussion?
I am sorry machamma,Aidan is listening me here so i will post last time and then you may continue your thread.
Registery key HKLM\Software\WOW6432Node\McAfee\MSME - Gateway = 1 Exists.
Email spam score is 7 8 and 9.
Some of then having spam score 7 are also blocked some time.
While spam score 8 and 9 never blocked.
Any suggestion or setting that i shold change.
please suggest me any good workaround because i have to end up this disscussion as per machamma request.
on 5/28/13 5:19:45 AM CDT
Set Low score to "route to user junk folder"
if you have a system spam mailbox or mail enabled public folder for spam then specify that in interface - settings & diags - anti-spam as system junk folder and set low score to "route to system junk folder"