Maybe its just me... Maybe I'm missing something obvious...
Why is it that the Blacklist doesn't process the SMTP "From" record to detect a match? We get lots of SPAM where the "Return Path" is different than the FROM header. I have users complaining that they add the "obvious" email address (as shown in their Groupwise message as "From", even including wilcarded domains), but SMG is not considering that as the actual "source" of the message..
If I go into the message tracker, it looks like SMG is ***ONLY*** considering a different field ("Return-Path"?) to perform blacklist (and perhaps whitelist?) matches...
So now, when I need to blacklist a message source, I must FIRST go into the Message Tracker to actually see what SMG considers to be the sender (NOT what groupwise or the user see's in their inbox)..
Obviously, all this is ALSO visible in the "message source" for the message (within the GW client), but its also notable that its NOT what is conspicuously listed in the message "Properties" panel as the "from" source...
Yes, I understand that some fields ("Return-Path") can be used to override other fields ("From") but I expect that spammers know this as well. It would appear to me, that if SMG is going to support BlackLists (particularly individual lists for USERS), that the product should be smart enough to scan for the fields that ACTUAL USERS might be inclined to use!
Software should work for us, right? We shouldn't have to work for the software (i.e. check the message tracker for each and every sender to see what field data SMG is going to use...)
Is it just me?