Intermittent or Complete outbound email delivery failure.
You may have received a notification from Symantec Email Security cloud support that the SMTP server has been compromised and is relaying spam.
553-you are trying to use me [server-X.tower-XXX.messagelabs
553-.com] as a relay, but I have not been configured to let
553-you [IP, server.address] do this. Please
553-visit www.symanteccloud.com/troubleshooting for more
553-details about this error message and instructions to
553 resolve this issue
A server registered on Services>Outbound Routes on Email Security cloud platform is being used to relay spam through the Symantec.cloud infrastructure. This can cause Symantec. cloud infrastructure to be blacklisted by various lists and potentially cause delivery problems for all Symantec.cloud clients.
This type of compromise can occur due to multiple reasons. The most common causes are poor password security for one or more of the user accounts, lack of anti-virus software, etc. Click here to know more about other types of Active and Passive attacks.
Due to aforementioned reasons, spammers are able to compromise a user account on your mail server utilizing SMTP Authentication to relay spam messages.
To avoid Symantec Infrastructure from getting blacklisted, compromised mail server IP may be removed from the Client Net Outbound Routes section. If the server IP is successfully removed, you may experience outbound email delivery failure.
Contact Technical Support after successfully securing the mail server and it will be added back to Outbound routes.