We had a user recently that was reporting excessive amounts of spam in her inbox. This company uses Postini as their filtering service, so naturally, this didn’t seem quite right. After some research, I determined that it was non-account blocking (a Postini feature) that was causing the problem. In this example, let’s assume the user is Jane Smith. Her email address is email@example.com. The spam was coming into firstname.lastname@example.org, an alternate SMTP address in Exchange.
Non-account blocking in Postini bounces all email that comes to addresses not registered in the Postini user database. If this feature is not enabled (as was the case here), Postini does not filter the email according to the spam filters and, instead, passes it through untouched. The email@example.com address was not added into the user database as either a user or an alias to a user. When Postini received email on this address, it passed it straight through to their exchange server. The exchange server recognized the recipient as a legitimate user and delivered the mail as expected.
The fix here was to enable non-account blocking and add these secondary SMTP addresses as aliases in Postini. Jane has not received any spam since then.