Quantcast
Channel: Symantec Connect - Messaging Gateway - Discussions
Viewing all 1067 articles
Browse latest View live

21 Service Temporarily Unavailable

April 6, 2017, 3:14 am
$
0
0
I need a solution

Hi All, 

We send emails to our customers on daily basis and quite alot of them use messagelabs for email service. Since yesterday we have started receiving alerts about mails queueing up in our outbox because they were not delivered to messagelabs. 

All messages failed with the following error:

TLS error on connection to cluster5.us.messagelabs.com [216.82.242.34] (recv)  : Error in the pull function

421 Service Temporarily Unavailable 

Is it possible that you have some throttling policy for the server that we are using to send emails from?

Regards, 

Jahan Syed

0
Search

IPs in blacklist, removal form not helping

April 6, 2017, 2:23 pm
$
0
0
I need a solution

Hi,

I've been running an e-mail server for a couple months now, and keep running into issues with deliverability to people who use your security product.

I'm not on any other blacklists, have never sent spam, and have held my IPs for over 3 years.

I went through the submission procedure 8 days ago, and have checked again daily.  Every day since it has said "already submitted" up until today, when it again accused me of snowshoe spam.  So I submitted my entire /29 again. 

I e-mailed Investigation@review.symantec.com multiple times, and only received one reply -- and they told me I had never filled out the form, and to go do that. 

Frustrated, I did some experimenting, and it seems that you have blocked a large range of IPs that just happens to include my /29.

Experimenting further, I tried other (non-mail-server) ips I own, and out of 20+ ips, only 3 weren't accused of horseshoe attacks.  So I submitted them all for removal.

Some of these IPs aren't even active. 

I'm starting to see your captchas in my dreams.  Certainly there has to be a better way.

Please advise how to proceed.  The main range I care about is:

192.99.251.40/29

Thanks,

Ian

0

Emails are getting blocked - 553-SPF (Sender Policy Framework) domain authentication 553-fail.

April 10, 2017, 9:07 am
$
0
0
I need a solution

Hi Symantec,

Our emails are getting blocked with the error:

553-SPF (Sender Policy Framework) domain authentication
553-fail.

We have verified and the SPF is in place, please refer the below details:

SPF:

v=spf1 mx:intel.com include:_spf.google.com  include:_spf.q4press.com -all

The SPF says, trust all the sender who are part of the MX=intel.com. Below is the MX record for Intel.com:

PrefHostnameIP Address
1000mga01.intel.com192.55.52.88
1000mga02.intel.com134.134.136.20
1000mga03.intel.com134.134.136.65
1000mga04.intel.com192.55.52.120
1000mga05.intel.com192.55.52.43
1000mga06.intel.com134.134.136.31
1000mga07.intel.com134.134.136.100
1000mga09.intel.com134.134.136.24
1000mga11.intel.com192.55.52.93
1000mga14.intel.com192.55.52.115

We use the above servers to send emails as well. Below is the log from our gateway:

SMTP delivery connection (DCID 60377238) opened to IP address 85.158.136.83 on port 25.

Delivery details: Message 423119378 sent to xxxx@ts.fujitsu.com, xxxxxx@ts.fujitsu.com, xxxxxxr@ts.fujitsu.com, xxxxxx@ts.fujitsu.com [(\'from\', \'"xxxz"<xxx.yyyy@intel.com>\')

0

IP gets blocked again and again

April 11, 2017, 12:54 am
$
0
0
I need a solution

Hello!

I'm currently experiencing the situation that the IP of one of my servers (62.75.169.191) gets on your blacklist again and again. (that means that I place an investigation request and a few hours to days later the IP is removed and all queued mail get sent)

Again a few days later the mails are being blocked again and the server's IP is reported as "The host has been observed sending spam in a format that is similar to snow shoe spamming techniques."

Today I again submitted a removal request.

As I don't have any clue why the IP gets on the blacklist again, please advice what I can do to prevent that.
(the IP is not reported on any other blacklist)

Thanks in advance!

Best regards,

Daniel JM

0

Black List Removal 198.204.254.221

April 12, 2017, 1:20 pm
$
0
0
I need a solution

Can somebody from Symantec read this? Please I need a fix.

I'm receiving the same error when my email server try connect with other email server with synmatec products.
The error is 554 5.7.1 You are not allowed to connect.
My email server IP is 198.204.254.221 and 198.204.254.222

I have submitted the email server IP for invetigation on http://ipremoval.sms.symantec.com/lookup/ but all remain the same,  I get message "The IP address 198.204.254.221 has already been submitted for investigation." and with ip 198.204.254.222 I have submited any times too.

Boths server are normal customers email server.I got IPs form datacenter one month ago and still I cant clean from synmatec successfully.

I tryed many times submit both IPS for invetigate but I can't get succefull delist. Please can you help me?

Thank you!

0

Email not received though Local connection history shows 100% accepted

April 13, 2017, 3:02 am
$
0
0
I need a solution

Hi,

People from my company can send email to a contact info@xxx.be, but we cannot receive any mail from info@xxx.be. I have added the Connection IP to Local Good Sender IPs. The Local connection history shows for Past hour Attempted: 10 (100%), Accepted: 10 (100%); but when I check Message Audit Logs nothing has been received.

What can I do to further troubleshoot this problem? How come Local connection history shows 10 accepted connection, but nothing has been received. Thanks to help!

0

IP reputation / Snowshoe

April 13, 2017, 9:57 am
$
0
0
I need a solution

As per multiple (mainly unanswered) threads in this forum I am posting regarding the 'blacklisting' of an IP range ... only in our case its a pretty big range (188.240.160.0/19) - over 8000 useable IP's.

This range is used to supply leased line customers (private dedicated fibre lines using 100Mb/s or Gigabit bearers) IP transit.

It appears from customer reports that this entire range reports as given a negative reputation, and the lookup/removal tool reports 

  • The host has been observed sending spam in a format that is similar to snow shoe spamming techniques.

As a substantial proportion of this range is currently unallocated (unused), and the IP's that are allocated and used are allocated to multiple individual organisations and providers it is simply not possible that this entire range has been seen to be sending spam (at all) as described.

As with the other multiple requests and reports here, we have found it virtually impossible to report this issue - requesting removal simply removes one of the IP's for a few hours but then it is relisted.  Symantec seem to have no ISP level contacts available, and we have simply been refused support by the 1st/2nd line support as we don't use the Symantec service ourselves.

This is clearly a substantial problem, and you would have thought that Symantec would want to ensure legitimate email delivery rather than just blackholing email (which is what appears to happen from the reports we've seen - email is accepted by messagelabs, but simply never delivered to the recipient, so no NDR is created).

We've conducted extensive investigations into this, and are certain that the root cause analysis is correct. Please can one of the techs take this issue and escalate it and provide contact information for whichever part of your organisation actually deals with network level issues such as this.

0

Within domain have SMG route email to Office365 email account.

April 18, 2017, 5:25 am
$
0
0
I need a solution

Hi,

Within Protocols> SMTP> Domains, it is possible to specify destination routing. Same is used to deliver email to our lotus notes server and exchange server. Based on email address, SMG will deliver. I would like to know whether it is possible to route message over the internet. For example have SMG to route email to office365 account (public IP). The exchange server mentioned earlier is on the same network.

Please help!!

0
Search

Bad Reputation Ip

April 19, 2017, 10:20 am
$
0
0
I need a solution

My ip (37.59.49.128) is in bad reputation list for subspect snow show spam.

The server are a shared mail and web server and when was in bad reputation list i cant connetct with some other mail server.

I controll the integrity of server daily. 

please help me.

Pietro Lombardo

0

SMG - Global Bad Senders

April 20, 2017, 12:18 am
$
0
0
I do not need a solution (just sharing information)

Hello,

Our SMG says in the IP Reputation lookup that the IP address 164.132.99.87 is on the list of Global Bad Senders. But the test http://ipremoval.sms.symantec.com/lookup/ shows that there is not. The IP address you submitted, 164.132.99.87, does not have a negative reputation and therefore cannot be submitted for investigation.

The test http://www.symantec.com/security_response/landing/spam/ shows the neutral reputation for this IPaddress.

Why our SMG  see it that way?

We are not able to received   messages from this IP, the domain is vicomtrade.cz .  Verdict =Symantec Global Bad Sender .

I can put IP address to the Local Good Senders, but is not the solution I like.   

Thanks

Jan

0

IP that has been submitted for investigation over 10 days

April 21, 2017, 6:44 am
$
0
0
I need a solution

Hello,

We have an IP that has been submitted for investigation over 10 days now, without any updates.

##########################

The IP address 89.46.120.51 has already been submitted for investigation.

##########################

I have this IP address dedicated to my mail server. We have owned the IP for well over 1yrs and just started using it for email. All inbound and outbound email is filtered through an enterprise appliance so I'm certain that we are not sending malicious or junk email

PLEASE HELP ME

0

Blacklisted IP

April 22, 2017, 5:22 am
$
0
0
I need a solution

Hello,

Our client is unable to send mail to Symantec Messaging Gateway users. Any attempts to do so are greeted with the following error:

554 5.7.1 You are not allowed to connect.

We have previously attempted to request an investigation using the form located [http://ipremoval.sms.symantec.com/lookup/] but have not received any reply or notice for several days. Additionally, we have confirmed the server in question is not participating in any outbound spamming or malicious activity.

Please assist in removing the blacklisting placed on [138.128.170.18] or providing additional information that may assist our team in resolving this issue.

Thank you for your assistance.

0

IP Removal more then a month

April 24, 2017, 8:35 am
$
0
0
I need a solution

Hello,

a month ago I added our ip for investigate. But it's still under investigating.

Our web site works perfectly, no virus or spam now. (Last year we was hacked),

We create all new web site and changed hosting. Now we are clean. no where we are on spam lists

please remove us from blacklist, and give us our reputation back pls

IP Adress : 185.153.221.108

sometimes we got this error mail

---------------------------------------

reservationbelek@regnumhotels.com

    host smtp.regnumhotels.com [212.174.254.8]

    SMTP error from remote mail server after initial connection:

    554 5.7.1 You are not allowed to connect.

----------------------------------------

thank you for your help

0

Mensagens chegam com 24 horas de atraso

April 26, 2017, 8:20 am
$
0
0
I need a solution

Olá,

Implantei o Symantrec Messaging Gateway há uns 40 dias atrás e notei que alguns e-mails estão chegando com 24 horas de atraso. Alguem sabe me informar se isto é algum problema do software SMG ou configuração? A versão é 10.6.2.7.

Att.

Felippe.

0

E-mails arrive 12 hours late

May 2, 2017, 7:56 am
$
0
0
I need a solution

Hi,

i'm new with SMG and configure it to send end receive email as a relay to a Exchange 2003 server and the problem is that some messages are arrive with 12 hours of delay. Someone already see this problem before?

0
Search

IP block listed on bad senders list

May 3, 2017, 3:08 am
$
0
0
I need a solution

I work for an ISP that has its IPs listed on the bad senders list. The problem is, no matter which IP address out of the 1024 I selected at random to check, they all came back as a positive match - even those that are currently unassigned, and therefore could not possibly have been used to send spam (unless spoofed, of course).

Our customers are complaing that their emails to their own customers are failing, and getting messages back such as "Your IP address is on the Symantec Global Bad Senders List." 

Our entire RIPE NCC assigned /22 block cannot all be on the list, especially when we have only assigned a quarter of that space to customers. Our block is 185.130.156.0/22.

Can this please be investigated as this clearly isn't right?

0

I want a specific email to get all type of files

May 3, 2017, 5:00 am
$
0
0
I need a solution

Hi, i want a specific email address on my organization can be able to get all type of files

i need a custom dictionari or something? how i set this up?

Thanks.

0

Disable clickable url feature.

May 4, 2017, 1:23 am
$
0
0
I need a solution

Hi Guys,

I have been testing this feature and need some assistance in testing from your side if possible.

My gateway is running the lastest version.

The manner in which i configure it is by creating a policy group for different domains and email addresses and then the email content filtering policy based on what i want to do.

Currently I have a very basic filter which consists of:

Settings - Track violations of this policy

Condition - for all messages

Conditions - Disable clickable URLs in message

Policy Group - Test policy

This works as intended for the body of the message but when I add additional conditions for "disable for attachments" and "Subject" and grouped (X&Y), is still only works apllies to the body and not the rest.

Am I missing something somewhere?

Thanks in advance.

Dale

0

Disable clickable URLs in message

May 4, 2017, 1:28 am
$
0
0
I need a solution

Hi Guys,

I have been testing this feature and need some assistance in testing from your side if possible.

My gateway is running the lastest version.

The manner in which i configure it is by creating a policy group for different domains and email addresses and then the email content filtering policy based on what i want to do.

Currently I have a very basic filter which consists of:

Settings - Track violations of this policy

Condition - for all messages

Conditions - Disable clickable URLs in message

Policy Group - Test policy

This works as intended for the body of the message but when I add additional conditions for "disable for attachments" and "Subject" and grouped (X&Y), is still only works apllies to the body and not the rest.

Am I missing something somewhere?

Thanks in advance.

Dale

0

Content-Filtering - ony if no other Verdicts

May 4, 2017, 11:26 pm
$
0
0
I need a solution

Hi,

i wan't to use content filtering to filter inbound messages that contains executale files. Those attachments should be delete an a notification to the recipient should be sent.

When I configure this it works, but the recipient get's notification for SPAM and VIRUS Mails too - if they contain attachments.

Is it possible to configure the content filter policy to apply only if the message has no other verdicts.

Regards

0
Viewing all 1067 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>