How to avoid blacklisting with Symantec Mail Security for SMTP

Article:TECH84143  |  Created: 2006-01-17  |  Updated: 2006-01-12  |  Article URL http://www.symantec.com/docs/TECH84143
Article Type
Technical Solution

Issue



You installed a Symantec SMTP product to a server in your network. You are placed on a blacklist by a domain name system blackhole list (DNSBL) or a real-time blackhole list (RBL). The Symantec SMTP product bounce messages are the given cause for placement on the blacklist. You need to know how to avoid blacklisting.


Solution



This page describes how to change the configuration of the Symantec SMTP product to limit the possibility you are blacklisted. You have three tasks to complete. The first is to set up a unique "From:" address. The second task is to install and configure a new Symantec SMTP outbound server. The final task is to change the existing Symantec SMTP server configuration to use the new outbound server.

Two assumptions are made. The first, the existing mail server does not drop email bound to nonexistent users silently. The second, the Symantec SMTP product is not an open relay. To make sure your Symantec SMTP installation is not an open relay read: Preventing a Symantec SMTP product from being used as an open relay server.

To accomplish the goal perform the steps in the following sections in the order presented.

To change the "From:" address for the Symantec SMTP product
  1. Open the Administration interface
  2. In the left pane, click Configuration.
  3. In the right pane, click Setup tab.
  4. Under SMTP in the Alert / Notification "From:" address, type a unique address.
    An example of a unique address is: "SMSSMTP-hostname@yourdomain.com"

    A unique address allows the Symantec SMTP product to filter or drop any email the product creates.
  5. Click Save Changes.

Install and configure a new Symantec Mail Security for SMTP server as outbound only
Use the Symantec Mail Security for SMTP CD to install the new server. For details read the section on installation in the product manual. If you do not have access to the manual, select your installed product from the select product and version page on the Symantec Web site. You do not need to install Symantec Premium AntiSpam on this outbound server.

To copy settings from the original Symantec SMTP server
  1. Open the Administrative Tools Services.
  2. In the left pane, right-click the Symantec Mail Security for SMTP service > Stop.
  3. Open a file program like Windows Explorer.
  4. Copy the contents of the "Local" directory from your original server to the new server.
  5. In the Administrative Tools Service window, right-click the Symantec Mail Security for SMTP service > Start.

To change the "From:" address on the new Symantec SMTP server
  1. Open the Administration interface
  2. In the left pane, click Configuration.
  3. In the right pane, click Setup tab.
  4. Under SMTP in the Alert / Notification "From:" address, change the address to the expected postmaster address you normally use for external users.
  5. Remove or alter custom filters for this server as this server is now your "Outbound" Symantec Mail Security server.
  6. Change the "Anti-Relay" settings in the new server to allow the existing Mail Security server to connect and send mail through it.
  7. Click Save Changes.

Use a mail client to test the new server. Specify the new server as the SMTP and send mail to self. Test both inbound email and outbound email. Then configure your internal mail server to use the new server. Configure the new server as a Smart Host or SMTP Relay if you used the original server as an outbound filter.

To configure the new Outbound Server to drop all generated mail by the "inbound" Symantec Mail Security server
  1. Open the Administration interface "On the new Server"
  2. In the left pane, click AntiSpam Policy > Custom Blacklist.
  3. In the right pane, check Identify messages from the following email addresses or domain as violations.
    In the provided field, add the email address of your "Inbound" Mail server (As specified earlier), ensure "Identify messages from the following email addresses..." is checked.
  4. Under Do the following when a violation occurs, Select Drop Message.
  5. Click Save Changes.

The Symantec Mail SMTP outbound server now drops email that uses the custom email address.

Activation
Change the configuration of your existing Symantec SMTP server. Change the settings so email not directed to your internal Symantec SMTP server to the new outbound server. This change causes any email that is bounced by the internal server to go to the outbound server.

To add the fully qualified domain name to Routing on the original inbound server
  1. Open the Administration interface.
  2. In the left pane, click Configuration > Routing.
  3. In the right pane, under Default routing, type in the fully qualified hostname of the new Symantec Mail Security server. If the new server does not accept incoming SMTP connections on port 25, fill in the new port here.
  4. Click Save.

Inbound email for nonlocal addresses is now sent to the new servers. Watch the queues on the servers for delivery issues.

Testing the new settings
To test your new settings, send an email from an external Web mail provider. External Web mail providers like Gmail or Hotmail. The email is sent to a nonexistent user at your domain, for example
"non-existantemailaddress@yourmain.com".

Other
  • If your settings changes are correct, you should be able to track your email in a Detail Report for each of the Mail Security servers.
  • Bounced email from a Symantec Mail Security server is often an incorrect entry. The entry may be in an entry in a custom list or an incorrect configuration setting.
  • Make sure you are not using an earlier version of the Symantec Mail Security product, use the most current version available.
  • Make sure the new Default routing settings are correctly set on the inbound server.




Technical Information
As a mail relay, the Symantec SMTP product sends a bounce message when a message fails to deliver for any reason. The original sender is notified why the message bounced.


Some customer may have chosen to notify the senders that a given email was blocked or filtered. These types of notifications may also lead to a blacklisting.




Legacy ID



2006011709344554


Article URL http://www.symantec.com/docs/TECH84143


Terms of use for this information are found in Legal Notices