By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

Amazon WorkMail SPAM filter is not working

0

I got bombarded by SPAM emails after switching to Amazon WorkMail. It looks like the SPAM filter does not work at all!

Here is what I have done:

  1. I configured all DNS records (I'm using external DNS service not Amazon Route 53) that are required by WorkMail, everything is "verified" and green.
  2. DMARC enforcement is enabled under "Organization settings" DMARC tab.
  3. In Amazon SES, "Email Receiving", I saw the "INBOUND_MAIL" rule added by WorkMail, the "Spam and virus scanning" is enabled and TLS required box is ticked.

I still get a lot of spam emails. Some emails are obvious spam, for example, an email from a non-exist user of my own organization domain, the DMARC should easily detect this but it's not.

Any suggestion to make the spam filter work in Amazon WorkMail?

  • rePost-User-0330655
    2 years ago

    More information: I opened the spam email in a text editor, and it shows below in the mail header:

    X-SES-Spam-Verdict: PASS X-SES-Virus-Verdict: PASS Received-SPF: softfail (spfCheck: transitioning domain of <my domain> does not designate 88.209.254.24 as permitted sender) client-ip=88.209.254.24; envelope-from=Noreply@<my domain>; helo=kxaeyoak.americamidol.com; Authentication-Results: amazonses.com; spf=softfail (spfCheck: transitioning domain of <my domain> does not designate 88.209.254.24 as permitted sender) client-ip=88.209.254.24; envelope-from=Noreply@<my domain>; helo=kxaeyoak.americamidol.com; dmarc=fail header.from=<my domain>; X-SES-RECEIPT: AEFBQUFBQUFBQUFFUEJKYXA4c2wxd214NFBjTVQ3UU8vMlRkUkdnY2t2b2E2UHZVQ2lQNXZ2SGJpbzRqNTF2QVJnc1VtRitCZ2hHMDhHYW5KY0pPNFROdFFndGc2cU5tRnVjbUM1bGdGeDVLRnpDdExxSUs4VWs0LzJuZjVnY2pRVXlXODJ6RWVGS0V5dTN6aVNrSFBqMnpIQUJPVUd6RmJrcW1BYmRIYlVQQ2c3Q0xXTUZVU2tWbWVQSVg2ZWpvSWI1a3p4STRQNHNXOUlOS2JLMmtRTXhjblJaSWJaT3ZpUTRLQTVTQ0xuMnFXT0lhaVRrRGxNdlU0ZG1ucnB1SERrNkFvSHhYM0N3eGEyUExCNVkwMlpDMndkOVZYSDQrdHQ4aEpBZ0RwWHZwaWRKSzRiMUY4c0E9PQ== X-SES-DKIM-SIGNATURE: a=rsa-sha256; q=dns/txt; b=JOl0gyYOa2Clwbc4Z/rI0Zyy9WKM/iXVKQLL1kJS3EjrioyvdzWBqFgybB59NrPRcoRach8APNSpIGCopdmddBG4Tn.....

    So it looks like DMARC detects the sender as invalid, but why does it still allow this spam email to come into my inbox, not the junk mail folder? By the way, the spam email was received in a group email (virtual account) and distributed to every member of the group.

Topics
Front-End Web & MobileBusiness Applications
Tags
Amazon Simple Email ServiceAmazon WorkMail
Language
English
rePost-User-0330655
asked 2 years ago578 views
2 Answers
0

Hi,

It sounds like DMARC enforcement is not enabled on your organization. Once enabled it should honor the DMARC rules set by the domain owner.

Kind regards, Robin

AWS
EXPERT
robinkaws
answered 2 years ago
  • rePost-User-0330655
    2 years ago

    The DMARC enforcement under WorkMail "Organization settings" DMARC tab is enabled, I've double-checked that.

0

Hi,

I was also in the same position. Let me share what I have done to filter out the spam.

AWS SES -> Email Receiving -> INBOUND RULE -> Select Target Domain -> Enable SPAM filtering + TLS required.

This reduced my spam significantly.

Hope this helps. Regards,

Taka

Taka Hako
answered 9 months ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content