How do I work out from the Message Header in Spam Message Quarantine why the email has been classified as Spam as I cannot see any obvious reason or is there a simple way to see why the email has been moved to the SMG Quarantine, Email Spam?
Symantec Messaging Gateway Spam Reason
541 Intrusion prevention appliance blocked forwarding of massage
Hi All,
Please help, I found error from SMG 541 Intrusion prevention appliance blocked forwarding of massage. see screeshot
regards,
zul
Use a Smarthost and Authentication for Outbound email
Good Morning,
Product: Symantec Message Gateway 10.6.3 (Virtual Edition)
¿It is possible use smtp authentication for outgoing mail forwarding to a smarthost?
In MTA > Administration > Configuration > SMTP > Outbound > Outbound Non-Local Mail Delivery > Non-local mail relay to the following hosts:
This option only allows you to add the IP of the remote host. (Not username and password)
In what place are the authentication parameters configured for forwarding mail to a autenticated smarthost?
Thank you
SMG 10.6.3-2 IPv6 prefix length
Hello,
I've a SMG 10.6.3.-2 and want to configure IPv6.
The problem is, that the web-interface only allows /64 prefix for IPv6 address, but I've to use a /112 prefix.
Is there any possibility to configure the 112 prefix?
Thanks,
Martin
New ISTR Special Report: Email Threats 2017
Just raising awareness of a new (free!) white paper from Symantec Security Response!
The latest ISTR special report, Email Threats 2017, casts a light on a threat landscape where attackers are actively spreading malicious threats, BEC scams, and a variety of spam through email.
Full white paper: https://www.symantec.com/content/dam/symantec/docs/security-center/white-papers/istr-email-threats-2017-en.pdf
Symantec Messaging Gateway integration with Other brand DLP
Im currently preparing a POC with customer for Symantec Messaging Gateway, their purpose to achieve is intergate with Mcafee DLP ?
My question is, can SMG integrate with Mcafee DLP ?
SMG - 10.6.2 - LUA: RDNS: RDNS lookup for connecting IP ... returned SERVFAIL
Hi team,
I constantly got this message in my dashboard logs :
LUA: RDNS: RDNS lookup for connecting IP ... returned SERVFAIL |
It appears on both of my cluster nodes and i don't know what the problem is.
Could you help me on this please and tell me how to troubleshoot this incident?
Gregory
Roadmap for implementing DMARC on SMG
Hi,
Does Symantec even intend to support DMARC on the SMG platform? FWIW we currently have virtual appliances running v10.6.3.
Stopping Spoofed Email in SMG
Recently we have been getting some spam email coming through as from our domain. EG: me@mycompany.com
When looking in the message audit logs, it will say the sender is something else.
I attached a example of one i sent from hellfire which is a fake mailer great for testing.
In message audit logs, it will say Sender:
Meeting request held by hold zip file content filtering policy
Hi,
I had enabled a 'Hold zip file' content filtering policy. Condition If the attachment or body part is in the attachment list "Archive Files (default); Hold message in Spam Quarantine. Issue I am having is that calendar request is being held on SMG, though there is no Identified attachment or Suspect attachment. I am attaching the content filtering policy and an example of meeting request held. Please advise what can be done. Thanks!!
Certificate error in browser
HI,
I am facing https error in browser while opening brightmail login page.. how to resolve this issue? i already contact with symantec, they are asking to import CA certificate in control center..
I dont know how to generate CA certficate, please give a solution for this issue.
spam sendo entregue normalmente
Olá,
Algumas menssagens que já possuem regras criadas para serem bloqueadas que chegam , estão sendo entregues normalmente, nos logs em veridict fires está none. Para estas menssagens , existe um dicionario que filtra a menssagem e a bloquea no caso de correspondencia. O IP do MTA ou dominio do remetente não estão liberados em good senders e a menssagem não possuia spoofing de algum outro dominio que estivesse liberado. Alguem sabe o que pode ser este comportamento da ferramenta?
Obrigado.
Problem with upgrading from 10.5.4 to 10.6.2-3. 10.6.2-7 or 10.6.3-2
When I try to update Symantec Messaging Gateway form version 10.5.4 to version 10.6.2-3. 10.6.2-7 or 10.6.3-2 ( through Web GUI or commannd line) everything looks OK.
But after some time (for example after an hour) Symantec stop working. I cannot log on web page. No emails can be send or received.
When I connect through SSH and execute command monitor disk , it shows disk: data_free 0. Something filled up whole partition.
Need help !
Thanks in advance!
Authenticated Username is none
Hi,
We are using Symantec Messaging Gateway ver.10.6.3 in our university.
We did not see authenticated username in Message Auidit Logs. Auidit log sample is below.
But our SMG is configured local OpenLdap authentication. All users can send mail after authenticating to OpenLdap.
ID: c0a8016c-db7ff700000008ac-76-5a02b4b021fb
Problem with Customer-specific Spam
Hi,
since one month ago, i send the spam messages that arrive to the clients to Symnatec Customer-specific Spam definitions, but when i check the status of the messages in submission details, i see The submission did not contain a valid RFC5322 message. The messages are in .EML format, someone know whats happen?
Thanks.
tagging external emails
I am using Symantec Messaging gateway 10.6.3 and I cannot find how to tag external emails to warn users this email has come from outside the compnay, all my searches come back only with results on how to do it on the cloud product.
Could someone please point me in the right direction?
Thank you,
Hugh
DNS Validation Enhancement
I am requesting a way to modify the subject line on emails that incorrectly have their DNS configured so I can contact legitimate customers about their settings before enabling the DNS validation feature in Symantec Messaging Gateway.
Reporting on Address Masquerading
Hello,
I use address masquerading as a tool while I'm migrating from one email domain to an other.
This way, email send to the old domein is masqueraded to the users on the new email domain. This works like a charm but....
I want to see what email is still send to the old email addressess so I can adjust the systems that send thoose emails.
Is there a report or log that tells me from or to what addressess email is send before masquerading takes place? Or a log about the masquerading in total.
Hope that anyone can help me.
Albert
Bypass email spam policy for 1 email address
Hi,
I am using Email spam policy 'Suspected Spam: Modify subject line with "[Suspected Spam]" (default)'. Problem I am having is that 1 mail is being held as Spam though the email address is genuine. I have whitelisted the email address, but it is still being held. How can I bypass the email spam policy for the specific email address?
Thanks to help!
Content Filtering if URL doesnt match, possible?
We have been getting alot of spam coming in that is getting past the spam filter. Alot of the links in the emails are compromised sharepoint sites. EG: https://allsStartiling-my.sharepoint.com/personal/... fdf594cca&authkey=AcAi2FDSFDSFDSFDSFdfo&e=0e155fba325sgfs3r2ff333f3f3a44f Is there a way to put in a filter so if the sharepoint site doesnt match our companys EG: https://MyCOmpany.sharepoint.com/*************, it will be quarantined?