Background: Test domain spoofing rule. Have Axence NetToosl to do ping check, remove the mail settings from using the relay, Email will now appear as spoofed, should apply rule and set SCL to 8 and send to junk.
I have a mail transport rule to prepend a “highly possible spoofing” header, this rule also applies SCL to 8 – which should throw it into junk. When looking at a spoofed Email, SCL = -1…wth?
I did a trace, and it processes through rules as it should and is processed and seems to apply the SCL of 8 through this processed rule..” **Set Spam Confidence Level. Transport rule: ’Domain Spoof Prevention’,** ”
Looking at the message headers from my outlook client:
Received: from SERVER-UTIL3 (IP ADDRESS HERE) by
name.mail.protection.outlook.com (IP ADDRESS) with Microsoft SMTP
Server id 15.20.xxx0.2 via Frontend Transport; Thu, 7 Feb 2019 17:40:10 +0000
X-Mailer: Axence nVision http://axence.net
From: “email@example.com” <firstname.lastname@example.org>
Subject: netTools test message
X-MS-Exchange-Organization-SCL: -1 …R:INB;SFP:;SCL:-1;SRV….
Received-SPF: Fail ([protection.outlook.com](https://protection.outlook.com): domain of domain.com does not
designate 207.xx.xx.xx as permitted sender) [receiver=protection.outlook.com](https://receiver=protection.outlook.com);
What gives here? There is no rule allowing trust of this sender that I can see and follwing the message trace, none of the rules are changing the SCL from 8.