Spam definitions in Symantec Messaging Gateway (SMG) are not updating. Upon checking the conduit logs, the following error is observed:
"Peer's certificate issuer has been marked as not trusted by the user."

SMG: 10.7.X, 10.8.X, 10.9.X

This issue occurs when a firewall or proxy interferes with the TLS certificate provided by Broadcom servers during the spam definition download process. If the TLS certificate is replaced or altered by the firewall/proxy, the handshake between SMG and the Broadcom servers will fail, preventing the spam definitions from being downloaded.

To resolve the issue, disable any TLS interference on the firewall or proxy between SMG and the hostnames utilized by Messaging Gateway. This will allow the TLS handshake to proceed without issues, ensuring successful spam definition updates.