Upgrade to SMSMSE 6.5.2 or higher.

Workarounds

There are two possible solutions, depending on how Exchange has been set up to bypass these SMTP sessions:

• Configure SMSMSE to always scan email coming from authenticated servers

 
1. Open regedit.

2.  In the Registry Editor create the following DWORD key:

32 bit systems: HKEY_LOCAL_MACHINE\Software\Symantec\SMSMSE\<version>\Server\Components\SMTP\DoAntiSpamOnAuthSessionsBool
64 bit systems: HKEY_LOCAL_MACHINE\Software\Wow6432Node\Symantec\SMSMSE\<version>\Server\Components\SMTP\DoAntiSpamOnAuthSessionsBool

Where <version> is the version of SMSMSE installed.  The following is an example of 6.5 installed on a 64-bit system:

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Symantec\SMSMSE\6.5\Server\Components\SMTP\DoAntiSpamOnAuthSessionsBool

3. In right pane right-click DoAntiSpamOnAuthSessionsBool and then click Modify.
4. In Value Data type 1.
5. Exit regedit.
6. Restart the Symantec Mail Security for Microsoft Exchange service.

• Review and adjust Transport Settings in Exchange.

1.  Open the Exchange System Manager

2.   Expand  the following:

Organization Configuration > Hub Transport > Global Settings > Transport Settings(Properties) > Message Delivery

3.   You will see listed one, or more IP addresses

The addresses listed are considered as “whitelisted” by Exchange and will need to be removed for Symantec Mail Security to scan the mail that is coming from them.