Mail from 92.222.92.253 is no reaching destination

I need a solution

Hello,
Since a few days ago, messages from the server correo.efismart.es (92.222.92.253) are not arriving to destinations managed by you. As an example, legitimate mails sent from xxxxx@montajesfiver.com to  xxxxx@abanca.com do not reach destination, the mails are accepted by destination servers but they not appear in the recipient mail, so I undertand that the mail is silently rejected. The domain montajesfiver.com is managed by the correo.efismart.es server.

I have revised the mail server logs of the last few days and I do not find any suspicious activity, only the usual mail movement. Also I have check the mail address agaisnt several reputation services and all of them return that the reputation is good or neutral, also the ip is no listed in any blacklist service but yours.

The IP of the server appears with negative reputation in https://ipremoval.sms.symantec.com/. I tried to send an investigation request but the form keeps show up again and again when I press the investigate submit button, so I am not sure that the request is sent.

Any help will be appreciated.

Many thanks,

Enrique

0

Related:

  • No Related Posts

Best Practices guide for Blue Coat Intelligence Services (BCIS) Advanced Web Bundle?

I need a solution

I now have a subscription to Blue Coat Intelligence Services (BCIS) Advanced Web Bundle for my ProxySG appliances – formerly, I only had BCWF (Blue Coat Web Filter).

I’m searching for any kind of “Best Practices” guide to help me implement some of the new features that I now have available… specifically, Threat Risk Levels, Security Categories and Geo IP.

The V6.7.x ProxySG Administrator Guide only briefly touches on these areas, and I’d love to have something more in-depth on this topic.

Thanks,

Lee

0

Related:

  • No Related Posts

AutoUpgrade Clients to SEP 14.2 and Maintain Existing Features

I need a solution

We are looking for a way to AutoUpgrade our SEP clients to version 14.2 MP1 and truly maintain all of the existing client features.

We have been “AutoUpgrading” SEP clients since version 11.  We have always used the “Maintain Existing Client Features When Updating” option during the AutoUpgrade.  This has never been a problem for us before now.

Recenlty we upgraded our SEP Managers to SEP 14.2 and used the “AutoUpgrade” function with “Maintain Existing Features” and found that all the clients had a new feature installed called Application Hardening.  This was totally unexpected.  This change was not documented in the Release Notes 

It seems that Symantec Endpoint Protection Hardening was introduced between the 14.0 and the 14.2 releases and as a result, you could not upgrade 14.0.x clients with SEP Hardening automatically.

NOTE that Application Hardening requires a separate license to use and then, it can only be enabled and managed via the Cloud management portal.  We are not using the Cloud-based features and currently do not have any plans to.

So, in 14.2, when you upgrade all of your clients with AutoUpgrade and use the “Maintain Existing client features when updating” option, your clients will have the Application Hardening feature installed.

We do not want to have a component installed on our clients that we are not going to use and that we won’t be purchasing a licnese for.

Does anybody know of a way for us to AutoUpgrade our clients and still Maintain the existing client features during the upgrade?

Was everybody even aware that this happens?

0

Related:

  • No Related Posts

Questions about deploy a several endpoint server

I need a solution

Dear,

At the moment my dlp infrastruture is a three tier deployment with one endpoint server for aprox. 3000 computer divide in a local site and several branch office.

Each bandwidth of this branch office is 4 megas , and the the local site has a bandwidth of 20 megas.

The local site has aprox, a 1800 computer and the each branch office has aprox 40 computer.

The endpoint server have 20 policy using a IDM, keywords and regular expressions

My idea is take a endpoind server for each branch office or agroup several branch office for on one endpoint server

And my questions about are

Its possibe to use a server with a role of file server for a endpoint server 

For 40 computer how is the hardware necessary for a deloy a endpoint server

I have to create one agent package for endpoint server

Its possible later via enforce change some computer to other endpoint server in case this is shoutdown

The last year the bandwith has present a saturation and shoutdown the enpoint server and i like the prevent this episode again using a local endpoint for the process of all the policy and later only send the result to the enforce server

0

Related:

  • No Related Posts

Emails to Clients Bounce Back 553 Error

I need a solution

Hi, 

I am unable to email any of our clients using Symantec as I am receiving a “553 Filter Message Error”. I am unable to send emails, or even reply to old ones. This is now affecting my personal email accounts which I have attempted to use to be able to communicate with clients, but I am now getting the same error. Im not sure what you are using to filter messages, but filtering my personal accounts is a major issue, let alone the company Domain. 

Would it be possible for someone to contact me on how to get this resolved ASAP. I spoke to support who said they could not help me as I am not a customer, therefore, there is nothing to be done. We can’t ask all of our clients to raise tickets on our behalf as it is incredibly unprofessional.

Thanks, 

0

Related:

  • No Related Posts

Image prep guide

I need a solution

Hi,

I don’t have any training or experience creating images but I’ve ended up being tasked with creating one for some new PCs.  Are there any guides for prepping the image before capturing it with Ghost?  A few immediate questions I have are:

  • The PCs we have came pre-installed with Windows 10 Pro, do I need to re-install Windows 10 with a volume licensed version or will Ghost re-apply the current license?
  • Do I need to sysprep before or after joining the PC to the domain.

I’m sure there is a lot more I’m not even aware of or thinking about right now.  Any info is appreciated, thanks!

0

Related:

  • No Related Posts

Can’t access web based applications

I need a solution

Hello, after installing SEP on the laptop, I can’t access my Spiceworks application on our internal servers. I access Spiceworks using http://servername:port. I am able to reach the login screen of spiceworks. However, when i put my credentials i get a error stating incompatible browser. However, my browser is correct version

When i disable Symantec, it works fine?

Any assistance??

0

Related:

  • No Related Posts

AV Exclusions

I do not need a solution (just sharing information)

Hi,

I have just been reviewing the exclusions policy that we have for some of our servers and in particular the automatically created exclusions for certain products as mentioned in the Admin guide and HOWTO80947.

Reading the article the SEP agent is able to scan for third party products installed and build exclusions based on the scan results.

Is there a definitive list of applications that SEP supports?

Can this scan be manually initiated?

I have noticed that the agents detect some products but not others listed in the HOWTO guide.

Its not an issue to manually define the exclusions, but the automatic method appears to reduce the need for wildcard exclusions or file extension exclusions.

What are other peoples experiences?

Many thanks

0

Related:

  • No Related Posts

Category for URL and IP address are not the same in WebPulse Site Review

I need a solution

Hi

There’s a problem that some website is affected by malware or virus and that website is categorized as negative category by URL. Negative category will be blocked by default due to policy but I found that I still can connect with IP address that resolved from URL that affected by virus. I check category for the IP address and it categorized as positive category so I have to manually add IP address in blacklist to resolve the issue. 

Is there a way to do this automatically to prevent client to access website like this?

Any help would be appreciated

0

Related:

  • No Related Posts

ASG | Radius accounting with Cisco ISE

I need a solution

Dear All

  Customer would like SSO authen solution  If Cisco ISE send Radius accounting via Syslog following reference from url as below,

https://community.cisco.com/t5/identity-services-engine-ise/forward-ise-2-4-radius-accounting-messages-to-check-point/td-p/3776561

ASG Proxy can support to receive Radius Accounting event as a SYSLOG message or not ?

but follow my understand Proxy must receive Radius accounting direct not via Syslog message.

and create authentication realm Policy Substitution it will support SSO authentication.

please recommend for this case.

Besr Regards,

CR

0

Related:

  • No Related Posts