SA not marking spam as such after forwarding locally

Tom-

Verified User
Joined
Nov 14, 2014
Messages
21
Here's the situation. I have a forward set up for an address. lets say:

[email protected] > [email protected]

Both forward and info address are on my server. The problem: SA is working fine on any regular address, but not when combined with a forward.
It does seem to mark the original mail as spam, because my 'this is spam' message actually appears in the header.

Example of such a forwarded message's header below. I've altered the server and mail addresses to match my example info above.

Return-Path: <SRS0=BrV8V/[email protected]>
Delivered-To: [email protected]
Received: from mail.mailserver.com
by mail.mailserver.com with LMTP id iPSmJzRoAFw2bQAAtONZJQ
for <[email protected]>; Thu, 29 Nov 2018 23:29:08 +0100
Return-path: <SRS0=BrV8V/[email protected]>
Envelope-to: [email protected]
Delivery-date: Thu, 29 Nov 2018 23:29:08 +0100
Received: from mail.elekworld.com ([150.242.228.98])
by mail.mailserver.com with esmtps (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256)
(Exim 4.90_1)
(envelope-from <[email protected]>)
id 1gSUny-0007M0-Qq
for [email protected]; Thu, 29 Nov 2018 23:29:08 +0100
Received: from MB133.hicom.com (unknown [192.168.68.133])
by mail.elekworld.com (Mail Balance Service Hicom System) with ESMTPS id 17676615E6
for <[email protected]>; Fri, 30 Nov 2018 06:28:00 +0800 (CST)
Received: from mail1.elekworld.com (elekworld.cn [192.168.68.132])
by MB133.hicom.com (Mail Balance Service of Hicom System) with ESMTPS id 202F522328
for <[email protected]>; Fri, 30 Nov 2018 06:27:56 +0800 (CST)
Received: by mail1.elekworld.com (HicomMail, from userid 103)
id A5DCD80D21; Fri, 30 Nov 2018 06:26:42 +0800 (CST)
Received: from luke-virtual-machine (unknown [192.168.68.153])
by mail1.elekworld.com (HicomMail) with ESMTPA id 7839B80D1C
for <[email protected]>; Fri, 30 Nov 2018 06:25:50 +0800 (CST)
Date: Fri, 30 Nov 2018 06:27:55 +0800 (CST)
From: Ashley <[email protected]>
To: [email protected]
Message-ID: <[email protected]>
Subject: ******* Screen Pricing Updated
MIME-Version: 1.0
Content-Type: text/html;charset=UTF-8
Content-Transfer-Encoding: quoted-printable
Forward-Confirmed-ReverseDNS: Reverse and forward lookup success on 150.242.228.98, -10 Spam score
X-Spam-Score: 1.1 (+)
X-Spam-Report: This email has been marked as spam by the anti spam service of
"mail.mailserver.com". You can view the contents of the original message below.
If you have questions about this, please contact ..............
Partial contents spam message: Latest update for ******* screens. S9 Plus US$177.3 S9 US$157.4
[...]
View below for the complete message.
Analyse: (1.1 points, 3.0 required)
pts rule name description
---- ---------------------- --------------------------------------------------
0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked.
See
http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block
for more information.
[URIs: elekworld.cn]
0.0 HTML_MESSAGE BODY: HTML included in message
0.7 MIME_HTML_ONLY BODY: Message only has text/html MIME parts
0.4 HTML_MIME_NO_HTML_TAG HTML-only message, but there is no HTML tag
SpamTally: Final spam score: 1



Was the original message marked as spam when it arrived at [email protected] (which could explain the X-spam report stating that its spam, perhaps?), and the final message which arrived at [email protected] not considered spam because it was locally delivered? I'm not following what exactly is going on here, so any light shed on this would be great :)
 
Top