The SEDR Appliance will not send email alerts if any of the accounts configured have an invalid email address


Article ID: 170405


Updated On:


Endpoint Detection and Response Advanced Threat Protection Platform


You have set up multiple accounts on the Advanced Threat Protection or Symantec Endpoint Detection and Response appliance, and enabled the box to receive alert emails, but no emails or received despite seeing Incidents being generated.


When setting up the account information on ATP, you have to provide a correct and valid e-mail address for any account that you select to receive alert emails. If the mail server rejects any of the recipient email addresses, the ATP software will abort the email and nothing will be sent.


You will need to review each user account on the Settings -> Users screen and verify each email address for accounts where 'Receive email notification when incidents occur' is checked. Validate that the configured SMTP server will allow the appliance to relay for email domains provided, if they are not local to that SMTP server.