Channel: Symantec Connect - Products - Discussions

Help: Symantec Email Security.Cloud

I need a solution

Hey guys,

 

Can anyone give me an admin guide on how to use Symantec Email Security.Cloud? I've been reading some stuff from the Symantec website but can't find any admin guide or anything related to the deployment procedure. Anything?

 

Thanks,


Daily Reports in Symantec.Cloud

I need a solution

Hello. Would anyone happen to know how to run daily reports in Symantec.Cloud of all inbound and outbound mail through the filter? Something that can be scheduled to run at a specific time and send the report. 

Customer of MessageLabs (Email Security.cloud) sending out spam?

I do not need a solution (just sharing information)

Funny posting this here, since I was with SYMC till just a few months back... but here it goes.

Our anti-spam appliance is blocking several IPs of MessageLabs since it is sending spam to us; this client is sending out a lot of similar e-mails to non-existing addresses on our side. Hence the anti-spam appliance on our side sees this as malicious behaviour and temporarily blocks your IP of that particular sending server. Since you of course use a lot of load-balanced servers, we block a lot of them, impacting other customers of this platform, which is a bad thing. And it impacts the reputation of a great hosted platform that you guys and gals have.

Just as a small part of the info
sending IP: 216.82.243.199 (reverse: mail1.bemta8.messagelabs.com)
sending IP: 216.82.243.197 (reverse: mail1.bemta8.messagelabs.com)
sending IP: 216.82.254.101 (reverse: mail1.bemta7.messagelabs.com)

to addresses that seem to be generated by code, at least the start of these are:

BudMsite023@[insert our domain]
BudMsite028@[insert our domain]
BudMsite095@[insert our domain]

Sender is claimed to be BudgetConfirmations@budgetgroup.com - but can be very well spoofed of course.

Suspect Spam Submission Gets Automated - No Desktop Plug-in Required

I do not need a solution (just sharing information)

The Symantec Email Submission Client (SESC) enables customers with Microsoft Exchange environments to easily submit suspected spam to Symantec Security Response.  Symantec Email Security.cloud customers may be pleased to know they can use it too.

The end user moves suspected spam messages to the “Report Spam” folder in their email client, which are then sent to Symantec Security Response for anti-spam research. As the tool sits on the Exchange server, it works independently of our gateway email offerings, and works on any email client – Outlook, OWA, even mobile devices.

The implementation guide is available within the Email Security.cloud management portal. For more information on what this tool looks like and how it works check out this blog: http://www.symantec.com/connect/articles/symantec-email-submission-client

problem with configuring Secure Email on mobile Device

I need a solution

hi,

A month ago I registered on Symantec APP Center...

and I wanted to test "Secure Email" on my mobile device...

on APP Center I did not configure integration with AD...

I just created a local account in the web portal..

and also installed Secure Email on my mobile device (Android v4.2.2)...

I've got a problem with configuring this application:

during the configuration I receive an error on my smartphone:

Connection to https://localhost refused Exception performing request Activesync version check returned negative. but still trying for 12.1

 

need help

How to apply Email filtering on a specific domain Id ?

I need a solution

Hi,

Email filtering through Symantec is allowing us to restrict all unwanted stuff for all domain IDs but we need to block it for a specific domain ID. It would be great if we could restrict all newsletters and advertisements etc. for a specific domain ID only.

 

Thanks in Advance !!

 

IPs constantly in Symantec blacklist

I need a solution

Hi, I'd like to know why my requests to remove our IPs from Symantec blacklists are not being accepted. I'm sending below the IPs that are listed continuously and are not being removed after requests. I need to know what to do and how to proceed so that no more IPs get listed.

I hope you can help me as soon as possible.

 

Thanks.

Postfix won't receive mail from Messagelabs.com [SOLVED]

I do not need a solution (just sharing information)

Over the past two weeks we have had reports from several companies that they can't deliver email to our employees or that delivery gets delayed. The common denominator seems to be that their email gets relayed through messagelabs.com and our Postfix MTA servers keep logging messages indicating that connections from that domain keep getting closed by the remote peer. (We've enabled debugging for their subnets)

 

Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: connect from mail1.bemta3.messagelabs.com[195.245.230.171]
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: match_hostname: mail1.bemta3.messagelabs.com ~? hash:/etc/postfix/network_table(0,lock|fold_fix)
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: match_hostname: lookup hash:/etc/postfix/network_table.db mail1.bemta3.messagelabs.com: notfound
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: match_hostname: lookup hash:/etc/postfix/network_table.db .bemta3.messagelabs.com: notfound
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: match_hostname: lookup hash:/etc/postfix/network_table.db .messagelabs.com: notfound
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: match_hostname: lookup hash:/etc/postfix/network_table.db .com: notfound
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: match_hostaddr: 195.245.230.171 ~? hash:/etc/postfix/network_table(0,lock|fold_fix)
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: dict_lookup: 195.245.230.171 = (notfound)
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: match_list_match: mail1.bemta3.messagelabs.com: no match
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: match_list_match: 195.245.230.171: no match
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: send attr request = connect
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: send attr ident = smtp:195.245.230.171
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: vstream_fflush_some: fd 21 flush 44
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: private/anvil: wanted attribute: status
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: vstream_buf_get_ready: fd 21 got 25
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: input attribute name: status
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: input attribute value: 0
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: private/anvil: wanted attribute: count
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: input attribute name: count
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: input attribute value: 1
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: private/anvil: wanted attribute: rate
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: input attribute name: rate
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: input attribute value: 1
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: private/anvil: wanted attribute: (list terminator)
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: input attribute name: (end)
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: > mail1.bemta3.messagelabs.com[195.245.230.171]: 220 dmz-spamwall-01.dmz.oikt.net ESMTP Postfix
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: vstream_fflush_some: fd 9 flush 48
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: watchdog_pat: 0x83d8ba0
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: smtp_get: EOF
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: match_hostname: mail1.bemta3.messagelabs.com ~? hash:/etc/postfix/network_table(0,lock|fold_fix)
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: match_hostname: lookup hash:/etc/postfix/network_table.db mail1.bemta3.messagelabs.com: notfound
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: match_hostname: lookup hash:/etc/postfix/network_table.db .bemta3.messagelabs.com: notfound
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: match_hostname: lookup hash:/etc/postfix/network_table.db .messagelabs.com: notfound
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: match_hostname: lookup hash:/etc/postfix/network_table.db .com: notfound
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: match_hostaddr: 195.245.230.171 ~? hash:/etc/postfix/network_table(0,lock|fold_fix)
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: dict_lookup: 195.245.230.171 = (notfound)
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: match_list_match: mail1.bemta3.messagelabs.com: no match
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: match_list_match: 195.245.230.171: no match
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: send attr request = disconnect
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: send attr ident = smtp:195.245.230.171
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: vstream_fflush_some: fd 21 flush 47
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: private/anvil: wanted attribute: status
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: vstream_buf_get_ready: fd 21 got 10
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: input attribute name: status
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: input attribute value: 0
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: private/anvil: wanted attribute: (list terminator)
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: input attribute name: (end)
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: lost connection after CONNECT from mail1.bemta3.messagelabs.com[195.245.230.171]
Apr  8 13:21:11 dmz-spamwall-01 postfix/smtpd[7610]: disconnect from mail1.bemta3.messagelabs.com[195.245.230.171]

 

But wait... some packet sniffing reveals that the issue isn't as simple as a straight connect/disconnect (it never is)

13:08:35.444849 IP (tos 0x0, ttl  52, id 55359, offset 0, flags [DF], proto: TCP (6), length: 60) 195.245.230.171.34072 > 109.199.194.61.25: S, cksum 0x61ce (correct), 998480089:998480089(0) win 5840 <mss 1460,sackOK,timestamp 1514619110 0,nop,wscale 7>
        0x0000:  0050 56b1 092d 0010 dbff 2000 0800 4500  .PV..-........E.
        0x0010:  003c d83f 4000 3406 93d6 c3f5 e6ab 6dc7  .<.?@.4.......m.
        0x0020:  c23d 8518 0019 3b83 98d9 0000 0000 a002  .=....;.........
        0x0030:  16d0 61ce 0000 0204 05b4 0402 080a 5a47  ..a...........ZG
        0x0040:  40e6 0000 0000 0103 0307                 @.........
13:08:35.444892 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF], proto: TCP (6), length: 60) 109.199.194.61.25 > 195.245.230.171.34072: S, cksum 0x69b0 (correct), 2031622044:2031622044(0) ack 998480090 win 5792 <mss 1460,sackOK,timestamp 10249964 1514619110,nop,wscale 7>
        0x0000:  0010 dbff 2000 0050 56b1 092d 0800 4500  .......PV..-..E.
        0x0010:  003c 0000 4000 4006 6016 6dc7 c23d c3f5  .<..@.@.`.m..=..
        0x0020:  e6ab 0019 8518 7918 179c 3b83 98da a012  ......y...;.....
        0x0030:  16a0 69b0 0000 0204 05b4 0402 080a 009c  ..i.............
        0x0040:  66ec 5a47 40e6 0103 0307                 f.ZG@.....
13:08:35.482475 IP (tos 0x0, ttl  52, id 55360, offset 0, flags [DF], proto: TCP (6), length: 52) 195.245.230.171.34072 > 109.199.194.61.25: ., cksum 0xaec9 (correct), 1:1(0) ack 1 win 46 <nop,nop,timestamp 1514619147 10249964>
        0x0000:  0050 56b1 092d 0010 dbff 2000 0800 4500  .PV..-........E.
        0x0010:  0034 d840 4000 3406 93dd c3f5 e6ab 6dc7  .4.@@.4.......m.
        0x0020:  c23d 8518 0019 3b83 98da 7918 179d 8010  .=....;...y.....
        0x0030:  002e aec9 0000 0101 080a 5a47 410b 009c  ..........ZGA...
        0x0040:  66ec                                     f.


13:13:35.476381 IP (tos 0x0, ttl  52, id 55361, offset 0, flags [DF], proto: TCP (6), length: 52) 195.245.230.171.34072 > 109.199.194.61.25: F, cksum 0x1ae6 (correct), 1:1(0) ack 1 win 46 <nop,nop,timestamp 1514919145 10249964>
        0x0000:  0050 56b1 092d 0010 dbff 2000 0800 4500  .PV..-........E.
        0x0010:  0034 d841 4000 3406 93dc c3f5 e6ab 6dc7  .4.A@.4.......m.
        0x0020:  c23d 8518 0019 3b83 98da 7918 179d 8011  .=....;...y.....
        0x0030:  002e 1ae6 0000 0101 080a 5a4b d4e9 009c  ..........ZK....
        0x0040:  66ec                                     f.
13:13:35.476747 IP (tos 0x0, ttl  64, id 28812, offset 0, flags [DF], proto: TCP (6), length: 52) 109.199.194.61.25 > 195.245.230.171.34072: ., cksum 0x86e1 (correct), 1:1(0) ack 2 win 46 <nop,nop,timestamp 10549996 1514919145>
        0x0000:  0010 dbff 2000 0050 56b1 092d 0800 4500  .......PV..-..E.
        0x0010:  0034 708c 4000 4006 ef91 6dc7 c23d c3f5  .4p.@.@...m..=..
        0x0020:  e6ab 0019 8518 7918 179d 3b83 98db 8010  ......y...;.....
        0x0030:  002e 86e1 0000 0101 080a 00a0 faec 5a4b  ..............ZK
        0x0040:  d4e9                                     ..


13:21:11.528108 IP (tos 0x0, ttl  64, id 28813, offset 0, flags [DF], proto: TCP (6), length: 100) 109.199.194.61.25 > 195.245.230.171.34072: P, cksum 0xa94c (correct), 1:49(48) ack 2 win 46 <nop,nop,timestamp 11006047 1514919145>
        0x0000:  0010 dbff 2000 0050 56b1 092d 0800 4500  .......PV..-..E.
        0x0010:  0064 708d 4000 4006 ef60 6dc7 c23d c3f5  .dp.@.@..`m..=..
        0x0020:  e6ab 0019 8518 7918 179d 3b83 98db 8018  ......y...;.....
        0x0030:  002e a94c 0000 0101 080a 00a7 f05f 5a4b  ...L........._ZK
        0x0040:  d4e9 3232 3020 646d 7a2d 7370 616d 7761  ..220.dmz-spamwa
        0x0050:  6c6c 2d30 312e 646d 7a2e 6f69 6b74 2e6e  ll-01.dmz.oikt.n
        0x0060:  6574 2045 534d 5450 2050 6f73 7466 6978  et.ESMTP.Postfix
        0x0070:  0d0a                                     ..
13:21:11.528973 IP (tos 0x0, ttl  64, id 28814, offset 0, flags [DF], proto: TCP (6), length: 52) 109.199.194.61.25 > 195.245.230.171.34072: F, cksum 0x9136 (correct), 49:49(0) ack 2 win 46 <nop,nop,timestamp 11006047 1514919145>
        0x0000:  0010 dbff 2000 0050 56b1 092d 0800 4500  .......PV..-..E.
        0x0010:  0034 708e 4000 4006 ef8f 6dc7 c23d c3f5  .4p.@.@...m..=..
        0x0020:  e6ab 0019 8518 7918 17cd 3b83 98db 8011  ......y...;.....
        0x0030:  002e 9136 0000 0101 080a 00a7 f05f 5a4b  ...6........._ZK
        0x0040:  d4e9                                     ..
13:21:11.565986 IP (tos 0x0, ttl  52, id 0, offset 0, flags [DF], proto: TCP (6), length: 40) 195.245.230.171.34072 > 109.199.194.61.25: R, cksum 0x7baa (correct), 998480091:998480091(0) win 0
        0x0000:  0050 56b1 092d 0010 dbff 2000 0800 4500  .PV..-........E.
        0x0010:  0028 0000 4000 3406 6c2a c3f5 e6ab 6dc7  .(..@.4.l*....m.
        0x0020:  c23d 8518 0019 3b83 98db 0000 0000 5004  .=....;.......P.
        0x0030:  0000 7baa 0000 0000 0000 0000            ..{.........
13:21:11.566290 IP (tos 0x0, ttl 244, id 27369, offset 0, flags [DF], proto: TCP (6), length: 40) 195.245.230.171.34072 > 109.199.194.61.25: R, cksum 0xeab3 (correct), 2:2(0) ack 50 win 0
        0x0000:  0050 56b1 092d 0010 dbff 2000 0800 4500  .PV..-........E.
        0x0010:  0028 6ae9 4000 f406 4140 c3f5 e6ab 6dc7  .(j.@...A@....m.
        0x0020:  c23d 8518 0019 3b83 98db 7918 17ce 5014  .=....;...y...P.
        0x0030:  0000 eab3 0000 0000 0000 0000            ............
13:21:11.566324 IP (tos 0xc0, ttl  64, id 54773, offset 0, flags [none], proto: ICMP (1), length: 68) 109.199.194.61 > 195.245.230.171: ICMP host 109.199.194.61 unreachable - admin prohibited, length 48
        IP (tos 0x0, ttl 244, id 27369, offset 0, flags [DF], proto: TCP (6), length: 40) 195.245.230.171.34072 > 109.199.194.61.25: R, cksum 0xeab3 (correct), 2:2(0) ack 50 win 0
        0x0000:  0010 dbff 2000 0050 56b1 092d 0800 45c0  .......PV..-..E.
        0x0010:  0044 d5f5 0000 4001 c95d 6dc7 c23d c3f5  .D....@..]m..=..
        0x0020:  e6ab 030a d7b6 0000 0000 4500 0028 6ae9  ..........E..(j.
        0x0030:  4000 f406 4140 c3f5 e6ab 6dc7 c23d 8518  @...A@....m..=..
        0x0040:  0019 3b83 98db 7918 17ce 5014 0000 eab3  ..;...y...P.....
        0x0050:  0000                                     ..

 

What, it seems that Postfix waits about 13 minutes from when the TCP connection is established until it sends the SMTP greeting? Why would it do this? One common culprit is DNS lookups.

$ dig -x 195.245.230.171

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6 <<>> -x 195.245.230.171
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 20151
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 0

;; QUESTION SECTION:
;171.230.245.195.in-addr.arpa.  IN      PTR

;; ANSWER SECTION:
171.230.245.195.in-addr.arpa. 5886 IN   PTR     mail1.bemta3.messagelabs.com.

;; AUTHORITY SECTION:
in-addr.arpa.           161402  IN      NS      b.in-addr-servers.arpa.
in-addr.arpa.           161402  IN      NS      c.in-addr-servers.arpa.
in-addr.arpa.           161402  IN      NS      d.in-addr-servers.arpa.
in-addr.arpa.           161402  IN      NS      e.in-addr-servers.arpa.
in-addr.arpa.           161402  IN      NS      f.in-addr-servers.arpa.
in-addr.arpa.           161402  IN      NS      a.in-addr-servers.arpa.

;; Query time: 0 msec
;; SERVER: 109.199.194.66#53(109.199.194.66)
;; WHEN: Tue Apr  8 13:30:29 2014
;; MSG SIZE  rcvd: 200

 

...then it's usually a good idea to do a forward lookup to see if it matches, but this is where it gets interesting:

$ dig mail1.bemta3.messagelabs.com.
;; Truncated, retrying in TCP mode.

; <<>> DiG 9.3.6-P1-RedHat-9.3.6-20.P1.el5_8.6 <<>> mail1.bemta3.messagelabs.com.
;; global options:  printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 51251
;; flags: qr rd ra; QUERY: 1, ANSWER: 21, AUTHORITY: 0, ADDITIONAL: 0

;; QUESTION SECTION:
;mail1.bemta3.messagelabs.com.  IN      A

;; ANSWER SECTION:
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.169
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.170
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.171
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.172
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.173
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.174
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.175
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.176
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.177
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.178
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.179
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.180
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.34
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.161
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.162
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.163
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.164
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.165
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.166
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.167
mail1.bemta3.messagelabs.com. 13074 IN  A       195.245.230.168

;; Query time: 1 msec
;; SERVER: 81.175.0.66#53(81.175.0.66)
;; WHEN: Tue Apr  8 13:31:31 2014
;; MSG SIZE  rcvd: 382

 

The UDP response gets truncated? This reminds me of when we were setting up our Active Directory environment to work with our Juniper SRX firewalls. As it turned out, Juniper SRX has a problem with large DNS responses (dubbed eDNS if I'm not mistaken) and this issue had to be worked around by defining our own application definitions to replace the built-in "junos-dns-tcp" and "junos-dns-udp".

Editing the relevant firewall policies to use these homegrown application definitions made communication with messagelabs.com kick into overdrive and over the next few minutes we received several hundred emails that had apparently been queued up.

set applications application dns-tcp application-protocol ignore
set applications application dns-tcp protocol tcp
set applications application dns-tcp destination-port 53
set applications application dns-udp application-protocol ignore
set applications application dns-udp protocol udp
set applications application dns-udp destination-port 53

 

I'm sharing this in case someone else bumps into the same issue.
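
A way to repeat the check from the post above against the resolver a mail server uses, as an added example (not code from the original post): it sends a plain DNS query over UDP, inspects the TC (truncated) bit, and retries over TCP, which is the path `dig` reported as "Truncated, retrying in TCP mode". The resolver address and the name are command-line arguments, the probe assumes an IPv4 resolver, and the verdict labels are names chosen for this example.

```python
"""Probe one resolver for the UDP-truncation / TCP-retry path of a DNS name."""
import socket
import struct
import sys
import time


def build_query(name, qtype=1, txid=0x4D4C):
    """Encode a plain DNS query (no EDNS, so UDP answers are capped at 512 bytes)."""
    header = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)  # RD set, 1 question
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii")
        for label in name.rstrip(".").split(".")
    )
    return header + qname + b"\x00" + struct.pack("!HH", qtype, 1)  # class IN


def parse_header(msg):
    """Return the header fields that matter for this diagnosis."""
    if len(msg) < 12:
        raise ValueError("short DNS message")
    txid, flags, _qd, ancount, _ns, _ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "qr": bool(flags & 0x8000), "tc": bool(flags & 0x0200),
            "rcode": flags & 0x000F, "ancount": ancount, "size": len(msg)}


def _recv_exact(sock, count):
    """Read exactly count bytes from a TCP socket or raise."""
    buf = b""
    while len(buf) < count:
        chunk = sock.recv(count - len(buf))
        if not chunk:
            raise ConnectionError("peer closed before full DNS message arrived")
        buf += chunk
    return buf


def query_udp(server, name, timeout=3.0):
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(name), (server, 53))
        data, _addr = sock.recvfrom(4096)
    return parse_header(data)


def query_tcp(server, name, timeout=3.0):
    query = build_query(name)
    with socket.create_connection((server, 53), timeout=timeout) as sock:
        sock.sendall(struct.pack("!H", len(query)) + query)  # 2-byte length prefix
        (length,) = struct.unpack("!H", _recv_exact(sock, 2))
        return parse_header(_recv_exact(sock, length))


def attempt(func, server, name):
    """Run one probe; return (header dict or None on failure, seconds taken)."""
    start = time.monotonic()
    try:
        result = func(server, name)
    except (OSError, ValueError):  # timeouts, resets, refused, malformed reply
        result = None
    return result, time.monotonic() - start


def diagnose(udp, tcp):
    """Classify the pair of probe results (labels are this example's own)."""
    if udp is None and tcp is None:
        return "no-dns"
    if udp is None:
        return "udp-dropped"            # UDP answer never arrived, TCP works
    if not udp["tc"]:
        return "udp-ok"                 # answer fit in UDP, no retry needed
    if tcp is None:
        return "truncated-tcp-blocked"  # resolver must retry over TCP but cannot
    return "truncated-tcp-ok"


if __name__ == "__main__":
    server, name = sys.argv[1], sys.argv[2]  # resolver IP, name to look up
    udp, udp_s = attempt(query_udp, server, name)
    tcp, tcp_s = attempt(query_tcp, server, name)
    print(f"UDP: {udp} ({udp_s:.2f}s)")
    print(f"TCP: {tcp} ({tcp_s:.2f}s)")
    print("verdict:", diagnose(udp, tcp))
```

Run it from the mail server itself so the probes cross the same firewall policy as the MTA's own lookups; slow or failed probes show up in the per-probe timings.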

 


Viewing messagelabs logs?

I need a solution

Hi there everyone, 

 

Please forgive my ignorance and lack of knowledge in this area. We were recently domain blacklisted due to an email marketing campaign run by an ad agency and it has been left to me to do the post mortem and report as to what happened. Fortunately we were taken off the blacklist after appeal, however, we want to ensure that there are no residual after effects.

One of the things I had asked our tech support company (who manage email servers etc) to do was to search the server logs on our returned/non deliverable mails for certain strings like the Microsoft blockages... bigfish & 88.blocklist.zap etc. However, they have since come back to me and told me the following:

"With regard to the above request to search email logs for a specific message.

It is not possible to search Messagelabs logs in this way, however, if our mail servers were to be added to a blocklist, incidents are raised and investigated immediately."

To cut a long story short I find it hard to believe that you can't search email server logs... is this really the case?

Please note that my lack of confidence in their answers comes from general lack of competence lately.

Anyway, please let me know what you guys think regarding this.

Kind regards, 

 

Craig

Submit False Positive for Symantec Brightmail Blacklist

I need a solution

We are an Email Service Provider, and one of our shared IP addresses is consistently being granted a negative reputation by Symantec.  I have submitted our IP for investigation several times, each time our reputation is cleared, but within a few hours we're back on the negative list.

We have many clients who rely on the reputation of this Shared IP, and I believe that our presence on any blacklists is a false positive.  We are actively removing any clients who may be hitting spam traps or practicing poor list hygiene from this IP, in order to optimize the reputation of this shared IP.

Our users are contractually required to only email contacts who have specifically opted in to receive email.  We immediately remove hard bounces from any sending lists, and address any abnormal complaint rates immediately.  Our emails are all CAN-SPAM compliant.

Please advise as to what action we can take to remove ourselves from any blacklists.  Thank you.

Domains in Symantec.

I need a solution

Dear Symantec, when I send mail from my mail server it returns the message: iagnostic-Code: X-Postfix; connect to cluster5.us.messagelabs.com[216.82.242.131]:25: Connection refused. The IP address of my mail server is not on any blacklist that I have checked. When I try to send mail to the domain gildan.com from my mail server, the host messagelabs.com (216.82.242.131) sends me the connection refused error. Can you help me by telling me where I can report this problem and get it solved? Thank you for your help.

IP blacklisted

I need a solution

Hello,

We are service provider of email protection. Some of our customers use our SMTP filtering gateways to send their emails on the Internet and thus ensure that they do not send spam or viruses.

One of our servers: 62.210.146.90 is currently blacklisted by you for some unknown reason. Could you please tell us why?

# telnet cluster8.us.messagelabs.com. 25
Trying 216.82.254.195 ...
Connected to cluster8.us.messagelabs.com.
Escape character is '^]'.
501 Connection rejected by policy [7.7] 20012, please visit www.messagelabs.com / support for more details about this error message.
Connection closed by foreign host.

Could you help me please ?

Symantec.cloud support stupidly tells me that I am not a customer!

Regards,

NEED MY IP TO BE REMOVED FROM BLACKLIST

I need a solution

Hi!
I've got an uncompromised webserver; for some reason Symantec blocks my IP. I've tried to unblock it about 5 times and nothing happens.

I used Outlook.com ways, Symantec ways and no results.

I need it to be whitelisted.

Mine is an uncompromised webserver with some sites, a forum and our mail.

I don't know if it was blocked because subscribers of the forum notification junked our mail or not but I need it to be whitelisted.

Mine is a true webserver, we do not send spam and we can't use our mail freely because you are blocking it and you don't want to unblock it

IP: 190.192.160.69

Thank you

All emails suddenly classified as 'suspect spam'

I need a solution

I operate a small ESP and have a well-known trade show company as a client.  They utilize a dedicated domain and 6 dedicated IPs bound to that domain to send out important exhibitor and attendee material.  All 6 IPs are listed as good on Cisco Senderbase, not blocked at any RBL and not listed by Brightmail anywhere.  All 6 IPs are also Senderscore certified by Return Path.

Up until 2 weeks ago, all tests sent to ReturnPath's Inbox Monitor showed 100% inbox penetration to their Brightmail seeds.  In addition, we place 100% in the inbox to all seeds, including Gmail.

Now every message shows 100% placement in the spam folder as 'Suspected Spam' to their Brightmail seeds.  We haven't changed anything on the program, haven't added any new data or made any changes to the network settings.

Has Brightmail and/or Symantec instituted changes that would make these messages now show up as 'Suspected Spam'?

EMAILS ARE BEING BLOCKED BY SYMANTEC FIREWALL

I need a solution

TO MY UTTER SURPRISE I SEE sibservices.in are not reaching the sender, probably the email from that domain has been blocked.

 

kindly suggest
 


Anti-spam Solution

I need a solution

One of our SEP antivirus clients is facing a spam problem on their mail. They are running their mail server on a Debian server. All their clients are using Microsoft Windows OS and MS Outlook.
Now they want an antispam solution on their network. Which Symantec product is applicable or can protect against spam in this network?

Content Encryption - message lifecycle in secure portal

I need a solution

I'm using Symantec Content Encryption (SMG) and it's working fine.

The time that the message is accessible in the secure portal is 30 days.

Is this time customizable or is it fixed???

Thanks

Issue with MessageLabs Track & Trace and Safari 7.1?

I need a solution

I noticed that when I went into Track and Trace today, there were several anomalies.  Days/Hours options both showing up, drop down menus were on the far left, and the search feature didn't work properly.  I tried from Firefox and had a coworker try from the previous version of Safari and it worked fine.  I have a case opened for the issue but I was curious if anyone else had run across the issue?  If you are accessing ML via OS X, you may want to hold off on upgrading Safari.  If you are using Safari 7.1 and not seeing the issue, please let me know.

MessageLabs: All Email blocked

I need a solution

MessageLabs/Symantec cloud has started blocking all mail from my system without reason.  I really need help with this and hope that someone from Symantec can help.  

We cannot send to any clients (of which there are many) that are using MessageLabs to filter their mail.  The bounce back we get is:

 

[216.82.250.19] #<[216.82.250.19] #5.0.0 smtp; 5.3.0 - Other mail system problem 553-'Message filtered. Refer to the Troubleshooting page at\nhttp://www.symanteccloud.com/troubleshooting for more\ninformation. (#5.7.1)' (delivery attempts: 0)> #SMTP#

 

Our mail exchangers are not listed on any black list and have a very good reputation score.  

 

Our mail exchangers are:
mail1.hilcotrading.com 50.204.121.49
mail2.hilcotrading.com 159.100.210.19

 

Please help!  Thank you so much.  

501 Connection rejected by policy [7.7]

I need a solution

Greetings!

We are a company offering various Internet related services.

Recently, we have transferred all our hosting servers to a new hosting server.

Our new and clean IPs have been listed as bad reputation on Symantec's list at http://ipremoval.sms.symantec.com/lookup/. The IP has been neutralized and is not listed as a bad reputation anymore.

But yet, we still receive a return email as follows;

SMTP error from remote mail server after initial connection:
host cluster9.us.messagelabs.com [216.82.249.35]:
501 Connection rejected by policy [7.7] 13802, please visit www.messagelabs.com/support for more details about this error message.

I haven't confirmed yet, however I believe that the recipient domain is a client of Symantec. And it seems like the bad reputation de-listing is not updated or applied in the client's system.

This is very inconvenient for us as we will need to contact all of these domains to lift the target IP manually. It is not a practical practice at all.

I would appreciate it if anyone could shed some light on this matter.

Thank you very much and good day.
