Video Screencast Help

Welcome to the new Mail & Web Security Blog!

Created: 27 Sep 2010 • 8 comments
akottas's picture
0 0 Votes
Login to vote

Welcome to the new Mail & Web Security Blog!  Brightmail isn't going away, but we wanted to expand our coverage to include news about our complete email and web security portfolio, including the Brightmail products (Brightmail Gateway, Brightmail Message Filter, and Brightmail Traffic Shaper), the Mail Security products (Mail Security for Microsoft Exchange and Mail Security for Domino), and Symantec Web Gateway.

In addition, Symantec's messaging and web security products are core components of the Symantec Protection Suites.

Stay tuned for more updates, including an expanded cast of authors as we grow our coverage across a broader slice of the Symantec portfolio.

Comments 8 CommentsJump to latest comment

TSE-JDavis's picture

Any indication of a Scan Engine forum area?

-1
Login to vote
WWWSUPPORT's picture

We been suffering false BrightMail blocking for weeks, being unable to email our own staff, colleagues and customers with Microsoft based email accounts.

Thorough checking of mail server logs proves there's absolutely no evidence for our IP reputation being labeled as poor, in reality it's perfect (we don't send any unsolicited mail). So why was BrightMail listing our IP with a false positive.

Microsoft is the ONLY provider who enaged in blocking our mail to their user mail accounts (no other Brightmail user did so).

Microsoft were unable to produce any evidence of Spam sending whatsoever, they had no complaints of spam from their account users.

Microsoft were very slow to reveal they were relying on BrightMail only and had no other evidence.

Our INVESTIGATION reveals...

BrightMail is open to user abuse, by that we mean FALSE REPORTING, which in this case appears to have been used as a means of maliciiously attacking us by disabling our means communicatiing.

During our investigation Microsoft in effect bullied us into joining their Spam Reporting programme (threat of ongoing blocking), before it revealed the source of the False Positive was Symantec Brightmail.

We also discovered Symantec obstruct False Positive reporting and investigation by NOT providing any means of those suffering false blocking communicating directly with the BrightMail team.

A very expensive experience for us which wen't on much longer than need be because of the communication and reporting difficulties with the offenders (False Reporting Systems).

 

 

 

 

 

 

0
Login to vote
WWWSUPPORT's picture

UPDATE 11:05 GMT

Ongoing FALSE POSITIVES (BrightMail) are damaging our business.

We do NOT send any unsolicited email as server logs show.

This seems to be MALICIOUS FALSE REPORTING

We understand there is absolutely NO REAL EVIDENCE WHATSOEVER to support the allegations.

 

 

0
Login to vote
Rose McGuigan's picture

I'm sorry you've had such a poor experience.

Outlook.com uses multiple technologies for their reputation services and content filters. The link listed below is a good source of some of the reasons why you might be getting blocked and what are some of the mitigation steps you can take.

http://answers.microsoft.com/en-us/outlook_com/for...

There is also a link there that will allow you to contact someone at Microsoft's email delivery support team for further assistance.

If Outlook.com has identified this to be associated to Symantec's Messaging Gateway software then you may provide your request for review via TECH# 82881

 

 

 

 

0
Login to vote
WWWSUPPORT's picture

Rose thanks for responding.

We've done an in depth investgation already, Microsoft don't have any evidence whatsoever, absolutely no complaints or spam reported.

Mail server logs indicate no inappropriate mail sent either, literaly a few emails to staff each day, thats all.

The evidence points to Malicious False Reporting or a Deep Defect in BrightMail (eg: not being able to spot IP / Domain spoofing)

Microsoft agee the cause of the blocking is just BrightMail and nothing else.

Symantec apparently can't cpme up with any evidence either (so far)

In our view it's irresponsible to bully and damage innocent business / people with a defective system, which is precisely what is going on.

 

 

 

 

0
Login to vote
WWWSUPPORT's picture

UPDATE:

Another malicious False Report...

"The host has been observed sending unsolicited email messages"

The IP (207.45.185.47) has NOT sent any unsolicited email, only a handful of emails between staff as server logs prove.

The server remains secure and is not open to abuse (as logs prove).

SYMANTEC please stop abusing us with this awful product otherwise we will consider a criminal damge claim (ie: ongoing damage to our business)
 

0
Login to vote
WWWSUPPORT's picture

UPDATE 21 Nov 2013:

Another malicious False Report...

"The host has been observed sending unsolicited email messages"

The IP (207.45.185.47) has NOT sent any inappropriate email this period.

The server remains secure and is not open to abuse (as logs prove).

SYMANTEC please stop abusing us with this awful product.
 

 

0
Login to vote
WWWSUPPORT's picture

UPDATE  25 Nov 2013

Another barrage of malicious false reports. Symantec unable to produce any evidence to back up the claims and continues to ignore our representations.

This IP (207.45.185.47) has NOT sent any "unsolicited email messages"

This is a MALICIOUS listing

0
Login to vote