Messaging Gateway

 View Only

  • 1.  Domain/Link in e-mail body filtered by brightmail

    Posted Apr 22, 2015 03:56 AM

    Hi,

    we are a web service provider and manage domains and web sites for our clients.
    I have this special case and am urgently looking for a solution:

    If i send a mail with a link to this certain domain in the mail body to an email service provider using brightmail then the mail is filtered to the spam folder. If i investigate the mail headers in the recieving inbox i see this: "X-Brightmail: 1.00".
    Wenn i send the same email with an other domain/link in the mail body then it passes the filters an results in the inbox.
    It does not matter from where the mail is coming. I tested sending with a gmail account, hotmail account and even custom smtps.

    It really looks like brightmail is using some blacklist where our clients domain is listed as a phishing domain.
    Does Symantec use a list like that? And how can i remove this domain?

    The domain is newly registred in 2014 by our client and he experiences problems in deliverability since then. Our investigations resulted that the domain was previously registred by others, so i suppose the listing could be really old.

    Please help!

    ME



  • 2.  RE: Domain/Link in e-mail body filtered by brightmail

    Posted Apr 28, 2015 05:35 AM

    You can do a Domain blacklisting check  online .There are many sites available which can help with that . Since you can't post the domain name here due to confidentiality reason so better check mxtoolbox.com or spamhaus .Also try resolving the domain name to IP and than check IP Reputation .
     

    http://ipremoval.sms.symantec.com/lookup/

    http://www.blacklistalert.org/

    http://mxtoolbox.com/blacklists.aspx

    http://www.spamhaus.org/

     



  • 3.  RE: Domain/Link in e-mail body filtered by brightmail

    Posted Apr 28, 2015 09:52 AM

    Hi Subhani,

    thank you for your answer.

    I already checked all these lists. Neither the IP of the server where the website ist hosted nor the IPs of the MXs is listed.
    I really looks like a content filter checks the link in the mail body against a URL blacklist or a phishing blacklist.

    When I send a mail with the following body then it is considered spam (no matter what sender address):

    bla bla www.affected-domain.com

    If i write another domain (hosted on the same IP address) then it passes the spam check.

    Does Symantec Brightmail use a list where the affected domains must be removed?

    I am completely stumped.

    ME



  • 4.  RE: Domain/Link in e-mail body filtered by brightmail

    Broadcom Employee
    Posted Apr 28, 2015 10:22 AM

    If you feel that the detection is improper, please have your recipients who see the messages flagged as spam submit those emails to us as a false positive:

    https://support.symantec.com/en_US/article.TECH83081.html

    Please note that the emails need to have passed through the Messaging Gateway in order for the submission to be valid, so we have the full headers.