How to read the "MS ForeFront" antispam report in email header?

iis email smtp configuration spam

5,954

"H:" is the host name - name assigned to the server
"RD:" appears to be the Fully Qualified Domain Name (FQDN)

This is actually more of a SMTP server configuration situation as to how your server is "announcing" itself to the other servers when they negotiate SMTP sessions. It just happens to be "ForeFront" being your system that ultimately "connects" with the external SMTP systems.

5,954

Author by

Pandincus

Primarily (but not only!) .NET/C# developer currently in the Long Island, New York area.

Updated on September 18, 2022

Comments

Pandincus over 1 year
I'm trying to diagnose why emails I'm sending out from my server's IIS SMTP Pickup Folder are getting bounced back occasionally.

One tech from a receiving company who couldn't receive the emails said:
```
The email would go through if you could configure your server to use
<servername>.<domain>.<tld> instead of just <servername>
```
I navigated to the following place in IIS:
- Internet Information Services
  - myservername (local computer)
    - Default SMTP Virtual Server
      
      Domains
Once there, I see I can rename the Domain Name to be anything I want. I've done that, but now I'm trying to figure out if it is enough.

Once I send out a test email, here is the antispam report I see from gmail, for example:
```
X-Forefront-Antispam-Report:
    CIP:<server ip>;
    KIP:(null);
    UIP:(null);
    IPVD:NLI;
    H:<server name>;
    RD:<server name>.<domain>.<tld>;
    EFVD:NLI
```
I'm trying to figure out what any of this means, so I know if I've configured it properly. What's the difference between H and RD? Is there some sort of ForeFront Antispam documentation that describes what the different codes mean?