Outbound messages may be identified as SPAM by Symantec Mail Security for Microsoft Exchange
Article ID: 156524
Updated On:
Products
Issue/Introduction
Outbound messages are identified as SPAM by Symantec Mail Security for Microsoft Exchange. Only inbound messages should be scanned for SPAM.
Cause
Symantec Mail Security relies on a Microsoft value to determine the direction of a message for Anti-Spam and Whitelisting. This value is
EndOfDataEventArgs.SmtpSession.IsExternalConnection
If this value is True the message will be considered inbound and will be passed to the Symantec Premium Anti-Spam engine for scanning.
The value is determined exclusively by the InternalSMTPServers value on the Exchange Hub / Edge Server. If the connecting IP address is from a machine that is not listed on the InternalSMTPServer list the message will be flagged as inbound.
Resolution
If messages originating in your environment are being identified as SPAM you must determine whether the message is being correctly identified as arriving from an Internal SMTP Server.
To check what SMTP servers are considered internal on the Exchange server run the command.
Get-TransportConfig
Review the values for InternalSMTPServers. If internal servers that connect to this Hub / Edge server are not present they can be added by using the following command
Set-TransportConfig -InternalSMTPServers
Followed by the IP addresses of the servers you wish to add seperated by comma's.
For an explanation of how to use this command from Microsoft please visit the Microsoft Knowledge base
technet.microsoft.com/en-us/library/bb201691.aspx.
This command will not run on a Microsoft Edge server, in order to set the InternalSMTPServers on an Edge server the command must be ran on the Hub server that the Edge server synchronises with and then run EdgeSync using the following command
Start-EdgeSynchronization -Server <hub server>
Where <hub server> is the server from which you wish to initialise the Edge synchronisation. For further details on this command please refer to the Microsoft Knowledge Base
http://technet.microsoft.com/en-us/library/aa996383.aspx
Please be advised Symantec are unable to accept any responsibility for changes made to your Exchange Environment as a result of the information provided here. You are advised to test any modifications prior to introducing them in your production environment and are strongly advised to ensure that any changes can be backed out.
For any further information on these changes please refer to Microsoft.
Applies To
Windows 2008
Exchange 2007 / 2010
Symantec Mail Security for Microsoft Exchange.
Feedback
