This article describes the usage of an external 3rd party service for phishing assessments, emails get blocked by Email Security.cloud or click-actions which do not get performed by the recipient's users.

Email Security.cloud

All emails that are sent through the Email Security.cloud platform are subjected to normal scanning practices and phishing assessment emails are no exception. As a result, these types of emails may get blocked by either the Anti-Spam or Anti-Malware scanners.

Part of the Anti-Malware scanning process is a feature known as "Link Following" which checks for anything potentially malicious waiting behind a link. This check may result in link recording a "click" action.

Note : Unlike Anti-Spam scanning, it is not possible to exclude a sender from Anti-Malware scanning.

Sending phishing assessment tests through the Email Security.cloud infrastructure is not recommended. Instead, send tests directly to the receiving mail server which bypasses the Email Security.cloud platform. Many phishing assessment services provide a method for delivering their emails by a static mail route. This route can be set to the mail server address. If the firewall is properly locked down to only accept Symantec IP ranges, open a path to the phishing assessment sending servers. The service provider can assist with the configuration steps required.

Note : Please do not submit phishing assessment emails as false positive detection.