search cancel

Spam messages are not being detected when Mail Security for Microsoft Exchange (SMSMSE) cannot connect to aztec.brightmail.com

book

Article ID: 172587

calendar_today

Updated On:

Products

Mail Security for Microsoft Exchange

Issue/Introduction

 

Spam effectiveness is lower than expected.  Messages that appear to be spam are not being blocked by Symantec Mail Security for Microsoft Exchange (SMSMSE). 

 

The following conditions are true:

  • Messages from an external source (such as missed spam) contain the message header:  X-Brightmail-Tracker
  • All bm_ruleset.* folders  at <SMSMSE Install Path>\Server\ have a date modified value older than one day.
  • Conduit.log located located at <SMSMSE Install Path>\Server\logs\ displays error messages similar to the following: 

2018-09-13T00:00:56+02:00 (ERROR:9772.8464): [12034] Network error occurred, SSL certificate problem: unable to get local issuer certificate (60), check your network connection settings, check your proxy settings (if applicable), and check to ensure that port 443 (HTTPS) is open through any relevant firewalls.

Cause


SMSMSE requires an open outbound connection over port 443 to aztec.brightmail.com in order to download the latest antispam rulesets.

 

Resolution

 

Open the network connection to allow the SMSMSE server to connect to aztec.brightmail.com over port 443.  Commonly, a proxy or firewall is the device preventing the connection from successfully being established.

Additional notes:

For SPAM filtering effectiveness; please ensure there are no restrictions at any given time on the connection between SMSMSE and Symantec brightmail hosts.  Optimal effectiveness requires ruleset downloads to occur as timely as possible.

The SPAM rulesets updates are typically no more than 5 to 10 minutes with the exception of some specific rulesets.

The following are the hostnames and ports required for registration of Premium Antispam and ruleset downloads:

Hostname

Protocol

Port

https://register.brightmail.com

TCP

443

https://aztec.brightmail.com

TCP

443

Note:   Selecting each of the links above should return an OK response.   If it doesn't, you may have a firewall or proxy issue.