This article describes the usage of an external 3rd party service for phishing assessments, emails get blocked by Email Security.cloud or click-actions which do not get performed by the recipient's users.
Email Security.cloud
All emails that are sent through the Email Security.cloud platform are subject to a normal scanning process, and phishing assessment emails are no exception. As a result, these types of emails may get blocked by either the Anti-Spam or Anti-Malware scanners.
Part of the Anti-Malware scanning process is a feature known as "Link Following" which checks for any potential malicious activity behind a link. This check process may result in a link recording it as "Click" action.
Note : Unlike Anti-Spam scanning, it is NOT possible to exclude a sender from Anti-Malware scanning.
Sending phishing assessment tests through the Email Security.cloud infrastructure is NOT recommended. Instead, We recommend sending such tests directly to the receiving mail server which bypasses the Email Security.cloud platform. Many phishing assessment services provide a method for delivering their emails by a static mail route. This route can be set to the mail server address. If the firewall is properly locked down to only accept Symantec IP ranges, open a path to the phishing assessment sending servers. The service provider can assist with the configuration steps required.
Note : Please do not submit phishing assessment emails as false positive detection in your portal.