A company I do occasional ad-hoc consulting for has raised a serious issue concerning emails not being delivered to them, and they have asked me to take a look.
I discovered they are running ESET Mail Security on their Exchange 2016 server; I have zero experience with this software.
When checking the mail quarantine list, I found what appear to be some examples of missing emails according to the sender and timeframes given to me.
Strange thing is the emails originate from Gmail. Not exactly a blacklisted domain, is it?
Here is the error on one of those quarantined emails:
Reason: "Rule system classified mail as SPAM, IP (209.85.208.175) isn't found on cloud black list"
Well if it isn't found on the blacklist, why quarantine it?
This company is suspecting a high volume of missing emails from customers, but of course they cannot tell the extent of it. I am also suspicious it is blocking other good emails.
Any ideas why this software is blocking trusted email? I cannot see anything in the Filtering and Verification list.
Does this software not send a quarantine report to end users? It will be hell to administer if not.
There is a serious routing issue going on in South Africa due to an undersea fiber break, for what it is worth. I am not sure if this could be causing such issues, though. But the company seems to agree that these missing emails started before the fiber break. I suppose SPF records and IPs could be affected by massive re-routing issues.
Any help will be appreciated.
Thanks.