A common tactic that spammers take is to send emails from known email addresses at your own domain. For example, spam to firstname.lastname@example.org from email@example.com, or another known user like firstname.lastname@example.org. This is why we don't add our own domains to the Allowed Senders list.
Blocking Mailboxes that Don't Exist
Another common tactic that spammers will take is to use random/non-existant mailboxes at your domain to try to get spam through. For example, spam to email@example.com from firstname.lastname@example.org. This technique is specifically designed to catch companies that do have their own domain in their Allowed Senders list. Our spam filtering will catch mailboxes for hosted domains that do not exist and send those emails to the Spam folder.
In other words, when that email@example.com email arrives, the spam filtering sees that company.com is in MRSware Domains list (in System Administration), and then sees that the Mailbox "hpfax" is not in the Mailboxes list. That email gets placed in Spam.
Allow Addresses for Specific Devices
However, Users do still have the ability to specifically allow through an email from the address "firstname.lastname@example.org". This would be the case where you actually had a fax machine that sent your faxes via email, and that fax machine was unable to use an email account in MRSware to send it -- that fax would look like it came from outside the company and would thus be subject to blocking, unless specifically Allowed... Make sure to Allow just the one email address, not the whole domain.
Home Users Use Company's Mail Server
Emails that originate through a MRSware Email account are never subject to spam filtering. In other words, any device, mail app, or software that sends as a Mailbox in MRSware should be set up to use a SMTP connection (send emails) through the MRSware Mail Servers. This will guarantee their delivery to your colleagues, as they won't be subject to blocking.
An example of doing this incorrectly is a User that has Outlook on their home computer and sets up their MRSware Mailbox on that computer, but doesn't use his/her MRSware Mailbox setting to send those emails, perhaps instead using their home's Comcast mail server.
Those emails will be subject to spam filtering since they are coming from outside the MRSware network, and will end up in the Spam folder of the intended recipient. User your MRSware SMTP (outgoing) mail settings instead of Comcast's.
SPF Records for Your Domain
One of the newer standards that is actually starting to be implemented by Spam Filtering Services is the recognition of SPF record settings. SPF has been around for a while -- in fact, we first started recommending companies add SPF to their domain in 2008 -- but only recently have we seen it being enforced.
The function of SPF is to tell recipients what mail servers are authorized to send email on behalf of your registered domain names. For example, company.com authorizes MRSware's Mail Servers to send email for any @company.com email addresses. The recipient's mail server can then decide what to do about email that comes from some other, unauthorized mail server. Typically the recipient's service might reject it outright or at least place it in the Spam folder of the intended receiver.
In our example above, about the home user that has been sending emails out through Comcast instead of his company's authorized mail servers, all of those emails are increasingly likely to not reach their intended recipient.
Follow these rules to maximize successful delivery to your recipients and minimize spam in the Inbox.