I just want to report a spam, or a possible virus (because of the attachment in the message), that we received in the mailbox email@example.com.
It was weird for us to receive this type of message and we wanted to investigate. Take a look at the HEADERS:
From: “Your FedEx” firstname.lastname@example.org
As far as I understand, because of the recipient email@example.com, the message its whitelisted.
I think I understand the reason, but shouldnt at least the AV be available for this type of recipients?
The email its about a FedEx package and asking to print the invoice attached. That seems to me like a virus.
Thats precisely why I am asking if at least the AV could be turned on for ABUSE type of mailbox recipients.
As well as some antispam features in order to reduce the spam messages received there too.
So you want absolutely all messages to be checked for viruses regardless of whitelists?
Do I understand correctly?
Actually I am talking about a whitelisting on your side.
So far, I dont have any whitelist configured on my domains.
I believe you have a rule in CASG to whitelist all messages received by firstname.lastname@example.org.
Thats what the headers I posted before are saying, arent they?
So any email received by email@example.com, seems to be whitelisted.
Even, apparently to me, spam and/or viruses are whitelisted.
Correct me if I am wrong, but thats what the headers I posted above are saying.
I’ll double check but if I remember
are whitelisted by default when you add the domain.
You always can manage it visiting “Recipient whitelist” page for a domain.
You are completely right.
Im very sorry, its just that I didnt add them and thats why I thought it was on your side.
Now I know that every domain added, will automatically have postmaster and abuse mailboxes added in the whitelisting.
In this case, then I guess your questions takes priority:
I believe an optional config next to each mailbox should be set in order to active/inactive the analysis for viruses regardless of whitelisting. Viruses can be nasty. So administrators can decide if activate/disactivate that check. Thats what I think.