We are releasing new version soon, which will have this functionality in UI.
For now - yes please keep posted.
It would be great if you could mark it as ‘caught-missed’ and ‘mx-skipped’
Hi,
I have 4 “caught-missed” and 1 “mx-skipped” from today, but I am not able to send the source through the forum because there is a limit of 4,000 characters. And well, apparently the characters in the SPAM samples are more than that.
What do you recommend?
Ok.
We’ve checked and looks like there where no connectivity issues with our servers.
It means that “mx-skipped” messages where sent directly to your server.
This is possible until you have mail.yourdomain.com as the third MX server.
Spammers also has access to MX and may send spam directly to the third or to all servers in MX.
So if you want to completely avoid this type of spam - remove mail.yourdomain.com from MX.
As for “caught-missed” I think it is better to wait two weeks for a new version.
Thats what I thought. It makes lots of sense. Thank you Kirill.
I understand your suggestion, and thats something I thought before on doing in order to avoid CASG to be bypassed. However, I didnt delete it, because mail.mydomain.com is the final mail server destination route in the ‘Destination routes’ field of CASG UI. This is where the mails are delivered from CASG after appropriate filtering of mails.
Thats the reason why I didnt delete mail.mydomain.com from my MX records list.
What can we do in this case?
Ok, I cant wait until the new release!
Ah, let me explain.
Routes should contain exactly the same records as you had in MX before CASG.
We will use these routes to send messages that had passed filters.
And strictly saying your new MX should not contain old destination servers, only mxsrv*.
However here you have choice:
- Set MX as you did to be completely sure that mail will be delivered even if our network segment (with mxsrv*) is unavailable which is not likely as it is located in US.
- Remove your destination servers from MX and be fully protected.
I completely understand, and I definitely want choice No. 2.
But what I dont understand is, that if I “remove my destination servers from MX”, that means mail.mydomain.com will not exist anymore. How can CASG deliver the messages that where filtered to our servers if mail.mydomain.com doesnt exist anymore?
CASG will deliver taking destination not from MX but from routes you enter in CASG UI
So actually the destination route in CASG UI (which right now I have configured is mail.mydomain.com) its only used by CASG to resolve the IP and forward messages to that IP through the port configured, am I right?
I thought that the destination route in CASG UI was and should be the MX record from the server.
Yes
Should be the old (original) MX record
Great! Thanks Kirill for your help and vital information.
I already made the changes and deleted the MX record for mail.mydomain.com
Now there should be no more direct spamming! 
Hopefully I did everything in the right way.
I just hope not to loose messages that people send us.
I will let you know how it goes with the new changes. Thanks again!
I have a question…
I have this part in a SPAM header:
Authentication-Results: spamgateway.comodo.com;
spf=pass smtp.mailfrom=mezquita.dar.ibrahim@gmail.com
Authentication-Results: spamgateway.comodo.com;
dkim=pass () header.i=gmail.com
X-Qasd-Class: ham
X-Qasd-Evidence: dnswl
X-Recommended-Action: accept
What does DNSWL in the line X-Qasd-Evidence: dnswl, means?
I suppose its stands for “DNS Whitelisted”?
Where do I manage such dns whitelisting?
Or why is the dns whitelisted?
We keep central databases of global IP reputation.
“dnswl” means that the message is very strongly likely not to be spam (because overall we see only not-spam from the source).
We still also apply other filters to it.
There is no direct way to manage this whitelist but reporting messages as spam/not spam will adjust ratios of IP reputation.
Great! And well thought!
Cant wait for next release to start reporting this type of SPAM too.
Thanks for the explanation Kirill.
Hello Kirill,
Any update on the next release?
Kirill,
Hope you are doing good.
I have a list with my feedback, but would like to know if nxt release of CASG its coming soon?
This way I modify my full feedback list, with the new realease.
Also, would like to ask one specific thing about the AV provided in the CASG.
Are you still around here?
Hello? Anyone out there?
You could try a PM w-e-v. Better chance of reaching the devs.
Sorry for delay in response - new version is ready we’re just waiting for some documentation update.
Will be installed in a few days.
we are looking for more feedback pls with the new version.
thank you!
I really want to participate on the new version feedback.
I only hope it is realeased this week so I can test it.