Tag: Electronic mailing list

Query Whitelisted Devices from Application device and conrol

Symantec Community Leave a comment
I need a solution

Is there a way we could query the whitelisted devices aligned with computer names and group they are belong to?

Currently we have 8000+ clients and 100+ whitelisted devices.

We just want to generate a report that includes Computer Name ,  Log in user, Group Name and whitelisted devices.

Thank you!

0

Related:

Inbound Messages to Symantec.cloud customers bounce back

Symantec Community Leave a comment
I need a solution

We are not a Symantec customer, but send to Symetec customers often. Beginning on May 22 we have had several messages returned after being filtered and considered SPAM. All messages had the same issue.

550 5.0.350 Remote server returned an error -> 553 Message filtered

All messages are sent from the originating domain reckner.com through Microsoft Office 365. This is the first time I can recall us having messages returned from Symantec Cloud customers. My senders have had to call the recipients and ask to be whitelisted, which is inconvenient to them. The messages are legitimate business communications with recipients they have communicated with frequently in the past.

I can provide sender/recipient and times if necessary.

0

Related:

Cisco Email Security Appliance URL Filtering Denial of Service Vulnerability

Cisco Leave a comment

A vulnerability in the email message filtering feature of Cisco AsyncOS Software for Cisco Email Security Appliances (ESA) could allow an unauthenticated, remote attacker to cause the CPU utilization to increase to 100 percent, causing a denial of service (DoS) condition on an affected device.

The vulnerability is due to improper filtering of email messages that contain references to whitelisted URLs. An attacker could exploit this vulnerability by sending a malicious email message that contains a large number of whitelisted URLs. A successful exploit could allow the attacker to cause a sustained DoS condition that could force the affected device to stop scanning and forwarding email messages.

Cisco has released software updates that address this vulnerability. There are workarounds that address this vulnerability.

This advisory is available at the following link:
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20190109-esa-url-dos

Security Impact Rating: High

CVE: CVE-2018-15460

Related:

Connect to cluster6.us.messagelabs.com[67.219.247.52]:25: Connection timed out

Symantec Community Leave a comment
I need a solution

I have a phone system that sends a large amount of voice mail and faxes via email to a customer. The email is sporadically bouncing between being delivered and the connection timing out. I spoke to the service provider for the customers email and they can’t seem to get any resolution on it hence why I’m here working on a service that I don’t manage. The IP of the mail server the messages are coming from is 35.168.236.155. Some messages appear to be delivered (I’m getting 250 OK messages) and then emails that follow right behind it are timing out trying to connect to the message lab servers, specifically cluster6.us.messagelabs.com because thats what the customers MX records resolve to. I have been told that the server IP is whitelisted and all should be good, but I feel like the messages are still being either throttled or connections to the mail cluster are being throttled and that’s why I’m getting the connection time outs. This is an ongoing problem and is becoming more and more visible to the customers management team so I need to get this resolved. Messages that time out being delivered are queued and attempted later, but the customer isn’t getting their voicemail and faxes for sometimes up to 24-48 hours later. Can someone please check this for me? The mail provider doesn’t appear to want to call Symantec to resolve this so I’m working on it as well. I can provide detailed logs through private message or email from support, but not here for obvious reasons. I have posted timestamped logs for review. 

Nov 20 11:25:48 ip-172-31-16-21 postfix/smtp[26672]: connect to cluster6.us.messagelabs.com[67.219.247.52]:25: Connection timed out
Nov 20 11:26:05 ip-172-31-16-21 postfix/smtp[26606]: connect to cluster6.us.messagelabs.com[67.219.250.100]:25: Connection timed out
Nov 20 11:26:05 ip-172-31-16-21 postfix/smtp[26608]: connect to cluster6.us.messagelabs.com[67.219.247.52]:25: Connection timed out
Nov 20 11:26:06 ip-172-31-16-21 postfix/smtp[26609]: connect to cluster6.us.messagelabs.com[67.219.246.196]:25: Connection timed out
Nov 20 11:26:07 ip-172-31-16-21 postfix/smtp[26552]: connect to cluster6.us.messagelabs.com[67.219.251.52]:25: Connection timed out
Nov 20 11:26:18 ip-172-31-16-21 postfix/smtp[26672]: connect to cluster6.us.messagelabs.com[67.219.246.196]:25: Connection timed out
Nov 20 11:26:36 ip-172-31-16-21 postfix/smtp[26606]: connect to cluster6.us.messagelabs.com[67.219.250.196]:25: Connection timed out
Nov 20 11:26:36 ip-172-31-16-21 postfix/smtp[26608]: connect to cluster6.us.messagelabs.com[67.219.250.100]:25: Connection timed out
Nov 20 11:26:36 ip-172-31-16-21 postfix/smtp[26609]: connect to cluster6.us.messagelabs.com[67.219.247.52]:25: Connection timed out
Nov 20 11:26:37 ip-172-31-16-21 postfix/smtp[26552]: connect to cluster6.us.messagelabs.com[67.219.246.196]:25: Connection timed out
Nov 20 11:26:48 ip-172-31-16-21 postfix/smtp[26672]: connect to cluster6.us.messagelabs.com[67.219.250.100]:25: Connection timed out
Nov 20 11:27:06 ip-172-31-16-21 postfix/smtp[26606]: connect to cluster6.us.messagelabs.com[67.219.247.52]:25: Connection timed out
Nov 20 11:27:06 ip-172-31-16-21 postfix/smtp[26608]: connect to cluster6.us.messagelabs.com[67.219.246.100]:25: Connection timed out

0

Related:

Emails being blocked from messagelabs

Symantec Community Leave a comment
I need a solution

Hello Mohammed,

The emails from Synechron.com domain with Web link (www.synechron.com) in email body and email signature are bouncing and are not delivered to the recipients.

The bounced message has an error code “553 Message filtered” (Remote server: server-14.tower-307.messagelabs.com, www.symanteccloud.com).

However, the emails sent without the web link is being delivered to the recipients.

Can you please whitelist Synechron.com email domain and web sites http://www.synechron.com and https://www.synechron.com

Had asked Symantec team to investigate on same and below were the comments;

Dear Satya Kabi,

We are writing to inform you that Symantec Brightmail, as a purely discretionary matter, has decided to lift the block on the message submitted to us for investigation. We wrote a rule filter on your submitted message as a result of significant user complaints and receipt of messages in our decoy email accounts. This indicates to us that you do not have a clean list. Although we have lifted the filtering rule against this mailing list, we recommend that you reconfirm and promptly update your mailing list to remove users who have opted out, and implement a double opt in process. If we continue to receive a higher level of user complaints and/or receive messages in our decoy accounts, there is no assurance that we will not reinitiate a block on your messages.

Best Regards,

Symantec Brightmail Investigation Team

Please share us with the root cause analysis as why Synechron.com was being filtered from messagelabs and we can get this resolved.

Thanks in advance and looking forward to hearing from you.

0

Related:

Spam Server being blocked by Messaglabs

Symantec Community Leave a comment
I need a solution

Good Day,

Our SpamExperts servers are being blocked by messagelabs for some reason, we urgently need these unblocked and whitelisted as clients in our hosted exchange environement are unable to send important emails to clients using messagelabs.

Is there a support line or portal that we can use to escalate?

0

Related:

reset UBA user db

IBM Customer Leave a comment
Hi,
i have put many monitored users, around 5000, into whitelist trusted reference set.
If i reset the db via qapp_utils.py these whitelisted users will become invisible from uba dashboard, from Monitored Users tab ??

Regards

Related:

MessageLabs Delaying Email

Symantec Community Leave a comment
I need a solution

Messages to my client are regularly being delayed by about 14 hours by mail1.bemta6.messagelabs.com.

How do I ensure they are whitelisted so that these lengthy delays do not take place?

I can provide my client’s domain and email address in a PM.

0

Related: