Just upgraded to the Brightmail appliances. I have the default policy set to send any emails with unscannable attachments to the spam quarantine. The majority of these emails are spam because of malformed MIME types which is what I want.
Unfortunately, I have a few legit senders whose emails I wish to allow through. I added their address/domain to my known Good Senders list which is applied to the default policy but they are still getting blocked.
A few things:
Shouldn't the whitelist/blacklist be applied first and overrule the scanning? IE: Adding the username/domain/ip to good sender list just send it through instead of blocking it? Every other spam appliance I've worked with has done this.
I saw a previous thread about the same issue:
https://www-secure.symantec.com/connect/forums/passing-trough-messages-without-scanning-virus-spam-and-content
But the user is told he has a "strict" policy and to allow the attachments through? That seems to me a lazy answer. I am getting more spam than legit emails being blocked, so I do NOT want to turn this blocking of unscannable attachments policy off.
What would be a way for me to add specific senders or domains that way they get their messages delivered regardless of any other rules?