Email messages from an external mailer are being tagged as spam by Symantec Messaging Gateway or Email Security.cloud.

You consider the email to be legitimate and would like the filter removed. You also want to know what steps can be taken to prevent your email from being blocked in the future.

• Symantec Messaging Gateway
• Symantec Messaging Gateway for Service Providers
• Email Security.Cloud

Message is blocked by Anti-Spam rules

Symantec is willing, purely as a discretionary matter, to investigate the reason why your company's messages may be blocked by our filtering software.

A legitimate email which has been incorrectly given a verdict of spam can be submitted to Symantec for analysis and filter review.

To analyze a false positive message, Symantec must receive the original false positive message:

• As an "message/rfc822" email attachment*
• One email attachment per submission**

Send the false positive message as an email attachment to the appropriate address for your region:

• Americas: [email protected]
• EMEA: [email protected]
• APAC: [email protected]
• Japan: [email protected]

Instructions on how to attach messages for common email clients are provided below. For all other email clients, please check the documentation or contact the service provider for help.

Feedback on false positive submissions

Symantec does not acknowledge messages submitted to the above addresses. Ensure that you are following the procedure outlined above to submit in a correct format. If this fails to resolve the matter please contact your administrator or Symantec support.

My IP has a negative reputation with Symantec

To check the reputation of a specific IP address, go to IP Reputation Investigation.

If you believe a reputation is incorrect, you can request that the IP be investigated further by clicking the "investigate" link that appears with the result of the query. If an IP does not have a negative reputation, it is not on the global blacklists in any Symantec Messaging Gateway product.

Investigation requests are typically processed within 24 hours, but no feedback is provided other than removal of the IP address if it passes review. The investigation site is for the resolution of issues related to Symantec’s IP reputation service, and is not related in any way to any other 3rd-party blacklists or realtime blacklist (RBL).

Administrators receive confirmation that their investigation request will be processed at the time of the request, but no final confirmation is sent to confirm the action taken if any.

Symantec reserves the right to review all requests and take appropriate action based on observed email traffic originating from the IP in question.

What happens to false positive submissions?

Only messages sent following the procedure above will be accepted for analysis.

Each false positive submission is examined individually to assess what caused the message to be detected as spam and what corrective action, if any, needs to be taken.

Note that Symantec does not guarantee that each submission results in an alteration of our filters.

Email list best practices

To ensure that your email addresses are legitimate, and to help avoid being tagged as spam, Symantec recommends adhering to the following best practices:

• Ensure that your database does not contain older email addresses of those who do not want to receive your promotional or marketing email. Send confirmation emails to determine who should remain on your list and who to remove.
• Do not accept email addresses from third-party marketers, unless you can assure that such email addresses are legitimate, and that such subscribers want to receive your promotional or marketing email.
• If a subscriber no longer wants to receive your emails, provide a method by which a subscriber can opt-out. Promptly remove these opted-out email addresses from your list.
• Promptly remove from your email list any email address that bounces back to you. This indicates that the recipient is no longer available.
• Use a double opt-in method to sign up subscribers. This will confirm that the subscriber requested your promotional and marketing email.
• Remove email addresses of those who do not open your email messages.
• Consider using a third party to manage and update the addresses on your email list.