Some PDF files are being detected as executable file by Symantec Messaging Gateway. You want to know the reason and how to get around it.
The PDF file is being detected as Executable file due to the incorrect MIME type that appears in the headers of the message:
e.g. Application/x-download instead of Application/pdf
The message headers are created by the Email Client used by the sender.
Symantec Messaging Gateway is working as designed. Inform the sender that he is sending the PDF files as executable. You can ask him to try with a different email client or browser and see if that makes any difference.
It's possible that a software installed on the sender (e.g. pdf2exe utility to convert pdf files to executables) has affected the way the email client adds the PDF file as document or executable.
A possible workaround for this issue is to change the action of the content policy to quarantine the message or you can go to Content -> Attachment List -> Executable file and remove the type that appears in the message headers (e.g. Application/x-download) but you have to take into account that this would affect all of the attachments with Application/x-download as Mime Type.