Email Security.cloud infrastructure is blacklisted
book
Article ID: 178918
calendar_today
Updated On:
Products
Email Security.cloud
Issue/Introduction
Resolution
Symantec.cloud Email infrastructure may get blacklisted from time to time. This is due to abused user accounts or compromised servers relaying spam through Symantec's infrastructure. This will cause for the Symantec IPs to be blacklisted by various lists.
Symantec does Outbound Spam Scanning for every email that passes through the email security.cloud Infrastructure and rejects the emails that are identified as spam in order to provide continuity of service. Keep in mind that the Outbound spam scanning is more lenient to reduce the amount of false positive that could impact our customers.
Symantec does monitor blacklists regularly and where possible request de-listing immediately.
If it is believed the blacklisting is causing an issue for specific messages, provide examples of failed messages to confirm that there is a connection to the specific blacklisting. It is very common for users to see an email fail and then do a blacklist check and assume that must be the reason, even if the message reported by the recipient system doesn't indicate that is the cause for the rejection or even specifically reports a different issue entirely.
It is not uncommon for a recipient mail server to continue rejecting for a short time even after we have confirmed the de-listing as the result is usually cached locally for a period of time.
All blacklists are not created equal. Some may have slower policies for de-listing. Therefore, Symantec needs to wait the time period to be removed from the specific blacklist.
Additionally, some lists may charge for de-listing, Symantec WILL NOT honor this and make such payments as section 2.2.5 of RFC 6471 specifically forbids charging for de-listing and recommends that such lists should not be used.
"Therefore, negative-connotation DNSBLs MUST not charge fees or require donations for de-listing or "faster handling", and it is RECOMMENDED that such DNSBLs that do charge fees or require donations not be used."
If a recipient organization is making use of such a list, we recommend providing them with this information and suggesting a better list might be used such as: