Testing mail flow and spam detection in Symantec anti-spam products powered by Brightmail

Article:TECH83693  |  Created: 2005-01-02  |  Updated: 2014-07-03  |  Article URL http://www.symantec.com/docs/TECH83693
Article Type
Technical Solution


You installed a Symantec anti-spam products powered by Brightmail. You need to know how to test mail flow and spam detection. This KB does not apply to the Symantec Traffic Shaper (STS).

To test some of the new non-spam dispositions on Symantec products check Testing newsletter, marketing mail and suspicious URLs dispositions


You can test mail flow and spam detection in a variety of ways. One way is to use Telnet to create an email and send it from an external source. In the email message, add at least one of the following:

Note: Disable SAV Email Auto-protect before testing. The test strings do not work for Symantec Mail Security for SMTP 5 in Basic AntiSpam mode. The test strings do work for Premium AntiSpam mode.

To send a test message using Telnet

  1. Open a command prompt.
  2. Type the following command to open a Telnet session:

    telnet <host> <port>

    where <host> is the host name or IP address of the server and <port> is the correct port number to use.
  3. Type the following command:

    helo example.com

    The correct returned response is as follows:

    250 <some greeting strings>

  4. Type the following command:

    mail from: test@example.com

    Do not use the domain you installed the Symantec anti-spam products as part of mail from line. Use an alternate domain for the test. If the installed domain is <your-domain.com>, run Telnet from an alternate domain like <example.com>. This change ensures that you do not accidentally bypass the antispam filter.

    The correct returned response is as follows:

    250 <some strings which suggest mail command was accepted>

  5. Type the following command:

    rcpt to: your-address@your-domain.com

    Make sure that you use an email address that you can check for your-address@your-domain.com.

    The correct returned response is as follows:

    250 <some strings which suggest rcpt command was accepted>

  6. Type the following command:


    The correct returned response is as follows:

    354 <some strings which request to enter the message body>

  7. Type one of the following lines and any additional text that is needed (end with two CRLFs after a period):

    X-Advertisement: spam
    Subject: Spam Delivery Test
    spam test
    . <CRLF>


    The correct returned response is as follows:

    250 <some strings which shows the accepted message queue ID>
  8. Type the following command:


    The correct returned response is as follows:

    221 <some strings which suggets the connection is closed>

    This command ends your telnet session. This example should be sent and received by your downstream server. The URL in the message should be treated as spam. The default action is to prepend the text [SPAM] to the subject line.

To send a test message using Mozilla Thunderbird

  • Select Edit | Preferences or Thunderbird | Preferences... from the menu in Mozilla Thunderbird.
  • Open the Advanced category.
  • Go to the General tab.
  • Click Config Editor....
  • Enter "mail.compose.other.header" (not including the quotation marks) under Filter:.
  • Double-click mail.compose.other.header.
  • Enter X-Advertisement and click OK

you can now select X-Advertisement in the address area of the message, like you would "to", "cc" or "bcc". Simple enter "spam" (without the quotation marks) there and your message will be trated as a spam message.

Technical Information
Telnet is a terminal client. This client provides a remote interface to a computer and enables you to create a session to any text-based protocol. You can use a Telnet session to manually send a test email from a command interface. You can use this session to determine the errors that occur during that process.

Examples of text-based protocols are SMTP, HTTP, and POP. To use any email client, set the outgoing SMTP server to the IP address of the Symantec anti-spam products powered by Brightmail  server.



Interactive Powershell script for testing SPA on a local SMSMSE installation
Test_SPA.zip (2 kBytes)

Legacy ID


Article URL http://www.symantec.com/docs/TECH83693

Terms of use for this information are found in Legal Notices