The Symantec Messaging Gateway (SMG) appliance version 10.5 is seen connecting out to https://tmsg.symantec.com/, which is new behavior introduced in this version.
This is a weekly communication of telemetry data from each SMG appliance which allows Symantec to gather statistical data on system utilization as well as software installation and licensing status. No personal identifying information is included in the telemetry package.
The tmsg.symantec.com domain is used for product health updates to help ensure the increased quality and stability of the product. This usage is covered under the End User License Agreement in section 17.3:
The status information collected and transmitted to Symantec regarding
the installation and operation of the Licensed Software indicates whether
installation of the Licensed Software was successfully completed as well as
whether the Licensed Software has encountered an error. This information is
collected by Symantec for the purpose of evaluating and improving Symantec's
product performance and installation success rate. The status information
could contain other information if included in the name of the file or folder
encountered by the Licensed Software at the time it encounters an error.
This information will not be correlated with any other information.
Telemetry data is transmitted once per week by each SMG host, beginning a week after installation. In the event that https://tmsg.symantec.com is unreachable, telemetry delivery is retried once per hour. The telemetry communication is secured by TLS and uses a local proxy server if one has been defined. There are no adverse effects if telemetry delivery fails.