Symantec Messaging Gateway (SMG) IP reputation does not appear to block connections as expected, resulting in an increase in missed spam messages. The Brightmail Engine logs show multiple errors indicating that DNS TXT queries are failing.
DNS TXT query for "126.96.36.199.zodiac.brightmail.com" failed unexpectedly.
This error results from a failure in looking up the IP of a mail sender on the Symantec Global Reputation Service.
Note: This error does not appear if there is no record associated with the sender in the reputation service. This error appears only if there is a failure in the lookup process.
Ensure that you have a correctly configured DNS server for the appliance on which this error occurred. You can find the DNS server configuration for the appliance in question by accessing the Control Center'sscreen. Select the checkbox next to the appliance with the error and click . In the page that appears, click the tab and confirm that you have only valid entries for your DNS server.
Execute a DNS query using either the Admin CLI's nslookup command, or the Control Center's . Extract the domain from the error in question. The domain looks similar to: 188.8.131.52.zodiac.brightmail.com.
Execute a TXT record query for that domain. Following is a sample record query:
> nslookup -type=TXT 184.108.40.206.zodiac.brightmail.com
You must receive a response that includes:
Non-authoritative answer: 220.127.116.11.zodiac.brightmail.com text = "H=1"
If the nslookup utility fails:
If you cannot execute this query from another network segment:
Broadcom does not have a reputation record for every IP on the internet. So, it is expected that looking up some records may return a nxdomain response. Effectively these messages are informational and can be considered benign.