In Symantec Messaging Gateway a Content Filter rule or a Compliance policy is triggered for a different email address than intended
|Article:TECH98306|||||Created: 2009-01-29|||||Updated: 2012-05-09|||||Article URL http://www.symantec.com/docs/TECH98306|
A Content Filter rule or Compliance policy is configured to look for a specific string of text in an email address and is triggering on more than expected.
A compliance policy is configured as folllows:
"If text in Envelope recipient contains 1 or more occurences of "firstname.lastname@example.org"
Messages destined for other addresses like email@example.com gets deleted as well triggering that exact rule shown in the message audit log and bmserver_log.
No other compliance policy is configured or triggered.
Symantec Brightmail Gateway (SBG) 8.x
Symantec Messaging Gateway (SMG) 9.x
If the desired effect is to block messages intended for a specific recipient, this compliance policy is specified incorrectly. It should state 'matches exactly as opposed to 'contains 1 or more'.
The compliance policy should be reconfigured as follows:
"If text in Envelope recipient part of the message matches exactly "firstname.lastname@example.org"
Article URL http://www.symantec.com/docs/TECH98306