search cancel

Test and verify spam detection in Symantec anti-spam products

book

Article ID: 177132

calendar_today

Updated On:

Products

Mail Security for Domino Mail Security for Microsoft Exchange Messaging Gateway

Issue/Introduction

You want to test and verify spam detection for security audit or personal purposes, for the following products:

  • Symantec Messaging Gateway (SMG)
  • Symantec Mail Security for Exchange (SMSMSE)
  • Symantec Mail Security for Domino (SMSDOM)

For testing of newsletters, marketing mail, and suspicious URLs, go to Testing newsletter, marketing mail and suspicious URLs dispositions

Resolution

Introduction

Use one or more of these methods to test spam detection:

There are two methods to test for spam detection with a X-Advertisement header:

  • Telnet to the server
  • Send mail from another domain via mail client

Telnet method

  1. Open a command prompt.
  2. Open a telnet session with the following: telnet _hostname_ _port_
    • _hostname_ is the host name or IP address of the server to test.
    • For SMG tests, use the Inbound IP or hostname of the SMG.
    • For Mail Security tests, use the IP or hostname of the mail server. 
    • _port_ is the SMTP port in use, usually 25.
  3. Type helo example.com and press Enter.
    A good response is 250 OK.
  4. Type mail from: [email protected] and press Enter. Use an alternate domain to ensure no accidental bypass of the anti-spam filter.
    A good response is 250 OK.
  5. Type rcpt to: [email protected] and press Enter.
    • Use a valid address that is part of the domain.
    • Good response is 250 OK.
  6. Type data
    A good response is 354 Send message content; end with <CRLF>.<CRLF> or similar message.
  7. Type each line:
    1. X-Advertisement: spam and press Enter.
    2. Subject: Spam Delivery Test and press Enter.
    3. spam test and press Enter.
    4. Type a period (.) and press Enter.
    5. Press Enter again.
  8. Type quit and press Enter.
    Response is 221 bye or similar.

This example should be sent to your server and processed by your Symantec product as spam.

Send mail from another domain with an mail client

Another option is to send an email from another domain's address with a mail client. Symantec recommends using Thunderbird, as it allows easier access to header modificaiton.

Using Thunderbird 52.9.1:

  1. Open the Menu button (three lines) in the upper right corner, then go to Options > Options.
  2. Click the Advanced tab, then click the General sub-tab.
  3. Click the "Config Editor..." button.
  4. Enter "mail.compose.other.header" (not including the quotation marks) under Filter:.
  5. Double-click mail.compose.other.header.
  6. Enter X-Advertisement and click OK

This will add a "X-Advertisement" option at the top of new emails. Enter "spam" in that field and Thunderbird will deliver a message with a full header of X-Advertisement: spam.

Attachments

Test_SPA.zip get_app