Email deleted by SBG although "whitelisted" by me manually
Updated: 21 May 2010 | 11 comments
This issue has been solved. See solution.
I have an email keep on getting deleted by the SBG with the msg Symantec Global Bad Sender, although i have set it as System allowed email address or domain.
Is there anyway i can check if the ip is in symantec global bad sender or can i bypass this particular IP without going through Symantec Global Bad Sender
Discussion Filed Under:
Comments
Hello,
In Brightmail Gateway 8.x there are a couple ways you could do this. First you can look at the "Reputation" tab, under "IP Reputation Lookup" and enter the IP here.
Alternatively you can go to http://ipremoval.sms.symantec.com/lookup/ and look up the IP here.
Hope this helps!
Tom
i've done it at both of this
i've done it at both of this earlier the ip seems to be ok there but it was still blacklisted by the global reputation
Verdict: Verdict Filter
seems weird to me this way
please advice
any help guys?
any help guys?
Hello,
I'm sorry for not getting back to you yesterday. How are you adding them to the allowed sender list? By domain or IP?
If you have added them by domain, try adding them by IP and see if this bypasses the Bad Senders list.
i've tried adding it detects
i've tried adding it detects it as the thing i post up but the mail is still blocked
Hi, sounds like some
Hi,
sounds like some configuration problem. As Tom said, if you whitelist the sender based on IP address (not domain or email address) that should be enough to achieve the desired results.
Can you post the verdict you get when using IP address instead of email adress or domain?
This behavior is explained under Appendix A "Verdict combinations" on the SBG administration guide.
Federico
Hello wenfeng As mentioned
Hello wenfeng
As mentioned by Federico the mail should go through if the sender domain / IP is added to the 'Local Good Senders'.
Admin guide under 'Verdict combinations' on page 521 (Table A-5). Download the manual from here.
If I recall correctly however, the 'Symantec Global Bad Sender' has 'Reject SMTP connection' action set by default. The screen-shot above shows 'Static Delete'.
From the admin guide I also see that the 'Delete" has a higher priority than 'Deliver Normally' (page 518, Table A-3). Based on this table, if you have two verdicts triggered - one with delete action, the other with deliver - the mail is going to be deleted.
Will check my SBG once in the office, and post again as a confirmation.
Cheers.
This same issue i have
This same issue i have recently with one of my customer, I tried with both way by using domain name or IP to bypass symantec globle bad sender, but did not worked.
So to solve this i have created new group with that specific mail ID and created one compliance policy saying "for all measage" to this group "deliver message normally", by doing this i am able to receive that mail.
managed to get it to work
managed to get it to work already. problem was with my firewall NAT'ing the IP address causing my SBG to see an internal ip address instead of the ip address of the sender. Removing the NAT allows SBG to see the public IP address.
Thanks to everyone who advised earlier
Hi, just want to add that is
Hi,
just want to add that is very important for SBG to see the original source IP address of inbound SMTP connections in order to take advantage of IP reputation and other features. Also have a look at the following KB article for other suggestions:
service1.symantec.com/support/ent-gate.nsf/854fa02b4f5013678825731a007d06af/4f9a58bddb664cc88025749d003d7d0a
Regards,
Federico
Would you like to reply?
Login or Register to post your comment.