Spam from authenticated SMTP servers is not detected by Symantec Premium AntiSpam in Symantec Mail Security for Microsoft Exchange (SMSMSE)
|Article:TECH82259|||||Created: 2004-01-20|||||Updated: 2011-11-02|||||Article URL http://www.symantec.com/docs/TECH82259|
The antispam engine does not detect spam when the sending server uses authenticated SMTP.
- SMSMSE version 6.5.1 and lower
SMSMSE does not scan messages from authenticated SMTP servers.
Upgrade to SMSMSE 6.5.2 or higher.
There are two possible solutions, depending on how Exchange has been set up to bypass these SMTP sessions:
- Configure SMSMSE to always scan email coming from authenticated servers
1. Open regedit.
2. In the Registry Editor create the following DWORD key:
32 bit systems: HKEY_LOCAL_MACHINE\Software\Symantec\SMSMSE\<version>\Server\Components\SMTP\DoAntiSpamOnAuthSessionsBool
64 bit systems: HKEY_LOCAL_MACHINE\Software\Wow6432Node\Symantec\SMSMSE\<version>\Server\Components\SMTP\DoAntiSpamOnAuthSessionsBool
Where <version> is the version of SMSMSE installed. The following is an example of 6.5 installed on a 64-bit system:
3. In right pane right-click DoAntiSpamOnAuthSessionsBool and then click Modify.
4. In Value Data type 1.
5. Exit regedit.
6. Restart the Symantec Mail Security for Microsoft Exchange service.
- Review and adjust Transport Settings in Exchange.
1. Open the Exchange System Manager
2. Expand the following:
Organization Configuration > Hub Transport > Global Settings > Transport Settings(Properties) > Message Delivery
3. You will see listed one, or more IP addresses
The addresses listed are considered as “whitelisted” by Exchange and will need to be removed for Symantec Mail Security to scan the mail that is coming from them.
Article URL http://www.symantec.com/docs/TECH82259