Email Security.cloud

I have a dedicated IP mail server that for some reason is on the Symantec blacklist.  We're not on any other blacklists when checked by mxtoolbox and similar tools.  rDNS is setup properly, same as SPF and DKIM.  I just don't get it!  We're not listed on this URL either, http://ipremoval.sms.symantec.com/lookup/

We can't get help from Symantec as we're not a customer.  We are getting bouncebacks when sending out quotes to new clients or prospective business partners.  It isn't very prudent to ask them to contact Symantec for us. 

Please help!

  SMTP error from remote mail server after initial connection:
   host cluster8.eu.messagelabs.com [85.158.139.51]:
   501 Connection rejected by policy [7.7] 18009, please visit www.messagelabs.com/support for more details about this error message.

Some problem here. Can anyone from Symantec  comment please?

Hello,

The Symantec cloud services are managed almost entirely by the clients. They have tools to reviews emails sent to them, along with ways to report issues, query blacklists with the cloud support team to gain insight on the senders that attempts to send them mail.

With that in mind, it is indeed best to reach out to the recipient and advised them their Symantec Cloud service is blocking their attempt to send email. They often have ways to review these emails and take action to receive them while working with Cloud support to gain more insight on the any email delivery issues that are reported.

Ultimately, it is the recipient's prerogative on how they wish to configure the cloud service and work with the support team in regards to the emails they receive. With that being said, I do still invite you to send an email to support.cloud@symantec.com along with any bounce and information on the sending IP of the server clearly identified in the email. In some cases we may be able to do a preliminary investigation which can often help reach a resolution with the help of the Cloud client.

In regards to the help page itself, I apologize in regards to the link, please use the below link until further notice.

http://www.symanteccloud.com/troubleshooting

I too have this problem. However, B.Beaulieu, Your stock answer is insufficient. When every client that uses Symantec protections is blocking emails, then it is obviosly a global Symantec policy and not individual client's settings. When all these are blocking at once, it s obviously not the client setting up the blocking.

So, who do we contact to get Symantec to release a specific IP address or server from their block list.

In my case, it is obviously the shared IP that my hosting company has because they have even set up a named server for me that is still being blocked. 

It is business suicide to do what you suggest and contact every client/potential client to unblock us. There could be thousands and the damage to reputations is irreperable. 

Hi JohnMcPool,

Please provide me your sending IP and I will investigate further. Please accept our apologies for the disruption to your email flow caused by this bounce error.

Kind regards

Dave Parker

Principal Technical Support Engineer

Dave,

Thanks for looking into this.

My IP address is 77.97.104.237

The ip addresses of my domains are 69.50.193.207 and  69.50.195.57

I am using Outlook 2010 as a mail client.

Any possibility we can correspond by email about this as it's been two and a half months and I'm getting not joy out of your support system. mcd1507@virginmedia.com

Regards

John

Dave,

I have just got email you sent a mesage via my contact form. I can't seem to reply.

Thanks again for looking into this, I await further infromation.

John

Hello Dave,

I have the some problem, we have new email server in 46.105.173.66. Can you help me?????

host cluster8.eu.messagelabs.com [85.158.137.3]
    SMTP error from remote mail server after initial connection:
    501 Connection rejected by policy [7.7] 3806, please visit www.messagelabs.com/support for more details about this error message.

Hi Jose, 

Your sending IP has been removed from our internal blocklist which was targeting a certain range. You should no longer be seeing this error - 501 Connection rejected by policy [7.7]

Regards, 

Art

Hi John, 

Out of the 3 provided IPs, I do see one them 69.50.193.207 being blocked. I've submitted a request to get it delisted with our Anti-Spam operations team. I will get back to you as soon as the block has been lifted. 

Regards, 

Art

Our IP is 67.21.161.141 but am not sure if we are still experiencing this problem.  Can you check for a block?

Hi Sym_Art

All right, our emails are delivered correctly

Thanks for all

Hi Rhetor22

The IP 67.21.161.141 has no restrictions in place on it.

Kind regards

Dave Parker

Principal Technical Support Engineer

Hello John, 

There are currently no restrictions applied to your IPs. Let us know if you still experience problems. 

Hi

Our IP 185.60.145.14 seems to be blocked by messagelabs.com and we don't know why. The message "please visit www.messagelabs.com/support for mor details..." does not help...

We do not have any spam complaints about this IP. Maybe this IP was abused before, but we terminated the contracts with those clients.

Can you help us or tell me, where I can get help?

Thank you,

Roger

Hi Roger,

I have submitted your IP for investigation and lift any restrictions if possible. I will keep you informed of our investigation.

Ben Beaulieu
Senior Technical Support Engineer

Hi Roger,

Restrictions on your IP have been lifted. You should no longer be getting blocked when connecting to Symantec.Cloud servers.

Ben Beaulieu
Senior Technical Support Engineer

Seems like mine's all fixed now. Emails send from both my email servers have had replies.

thanks Dave Parker. Far better response that the one from the onlinecontact form!

Hi,

We have several mail servers and have this error in some

cluster8.eu.messagelabs.com host [85158140195]
  SMTP Error from remote mail server after initial connection:
  501 Connection rejected by policy [7.7] 19312, Please visit  
www.messagelabs.com/support for
More details about this error message.

Please you can delete our address pool ip

46.105.173.64 / 27

I will have that IP range checked.

Kind regards
Dave Parker

Hello

we have the same problem

(host cluster4.us.messagelabs.com[216.82.250.19] refused to talk to me: 501 Connection rejected by policy [7.7] 8707, please visit www.messagelabs.com/support for more details about this error message.)

the ip is 189.197.63.45.

Can you help us?

Let me look into this for you, Nora.

Regards,

Fernando Aspiazu
Sr. Technical Support Engineer

 

Hello Nora,

Restrictions for IP  189.197.63.45 have been removed. You should no longer be getting blocked when connecting to Symantec.Cloud servers.

Regards,

Fernando Aspiazu
Sr. Technical Support Engineer

Dear Sirs and Madams,

could you please remove our IP-Range from your  blacklist.

5.135.104.128 - 5.135.104.191

Kind Regards

Hello.

We are refused by the message:

relay=cluster8.us.messagelabs.com[216.82.249.147]:25, delay=35, delays=0.02/0.02/35/0, dsn=4.0.0, status=deferred (host cluster8.us.messagelabs.com[216.82.249.147] refused to talk to me: 501 Connection rejected by policy [7.7] 2910, please visit www.messagelabs.com/support for more details about this error message.)

I run a postfix server whith all ok, spf reverse ip etc.

My ips is not listed in any RBL and symantec.

Please, remove:

198.50.230.105

198.50.230.106

167.114.138.66

Hello Julio, 

I've submitted request to have restrictions removed from your IP. This should be completed within 24 hours. 

Dear Sirs and Madams,

unfortunately we got no response to our blacklist removal request. Therefore I kindly request again to remove our ips from your blacklist. We provide hosting services and it's very hard for us to tell our customers that there is an issue with symantec.

Our company is not listed on any blacklist (e.g. spamhaus)

5.135.104.128 - 5.135.104.191

Thank you very much.

Let me look into this for you. I will get back to you once I have completed the investigation.

Regards,

Fernando Aspiazu
Sr. Technical Support Engineer

Hello uid00,

After further investigation, we reviewed this IP range and due to concerns in regards to snowshoe spam activity, we cannot remove the entire range for the time being as we also have an obligation to protect our customers from unsolicited bulk mail.

What is snowshoe:
http://www.symantec.com/content/en/us/enterprise/white_papers/custom-report-spam-outbreak-snowshoe-2014-10.pdf

Should you have specific IPs you would like us to investigate, please let me know and we will review them.

Fernando Aspiazu
​Sr. Technical Support Engineer

Hi!

Could you please check why mails from srvm3033.vc-server-network.de are blocked?

Returned mail:

Action: failed
Final-Recipient: rfc822;xxx@removed.yyy
Status: 5.0.0
Remote-MTA: dns; cluster8.eu.messagelabs.com
Diagnostic-Code: smtp; 501 Connection rejected by policy [7.7] 19305, please visit www.messagelabs.com/support for more details about this error message.

And the link does not open a helpful page :(

Thanks!

Let me look into this for you. I will get back to you once I have completed the investigation.

Regards,

Fernando Aspiazu
Sr. Technical Support Engineer

Hello,

After further investigation, we reviewed this IP range and due to concerns in regards to spam run activity, we cannot remove this IP for the time being as we also have an obligation to protect our customers from unsolicited bulk mail.

Please send your request to the following email address for further investigation (investigation@review.symantec.com)

Regards,
Fernando Aspiazu
Sr. Technical Support Engineer

Dear Symantec Team,

how long would I have to wait for an answer from the 'investigation' team? Apparently your filter lists are trusted blindly, so I would expect a timely response regarding problems due to this list.

At least a response that someone received the mail and will have a look into it would be nice. If email takes as long as writing a paper based letter when dealing with an internet based company, some processes are not quite the way they should be.
But that's just my 0.02$

Regards

My firm provides email services to multiple companies, some of whom have recently started complaining that very important documents sent by email to large organisations are being bounced back after about five days with the message "501 Connection rejected by policy [7.7]".

Our clients are having no joy trying to get our IP address de-listed by their recipients, and they quite rightly ask how it can possibly be due to each end-recipient organisation when multiple organisations have started rejecting mail at the same time.

Our outgoing mail-server IP address is 94.23.190.46. That IP is as clean as any IP can be. It is not listed on any RBL, nor MS systems, and not even Symantec's own publicly accessible de-listing portal.

This is costing our clients dearly in lost orders, and we are about to lose valued clients because of it. *PLEASE* can you de-list our IP address in your obviously centralised systems, and may I respectfully suggest that you configue your system's default setting to reject mail immediately, not after five days when any damage done by lost emails has already taken effect!

I think it's time people started suing Symantech for lost revenue, unnecessary stress, additional workload, etc.

Class action anyone?

Same here, i can't send e-mail to my customer :( 

Returned e-mail :

  cristina.garrote@geodis.com
    host cluster4.eu.messagelabs.com [85.158.137.68]
    SMTP error from remote mail server after initial connection:
    501 Connection rejected by policy [7.7] 3105, please visit www.messagelabs.com/support for more details about this error message.

 IPs : 37.59.16.222, 87.98.233.61, 37.59.253.190

Can u remove me from blacklist PLS?

Dear Symantec Team,

I realise you're just doing your jobs, looking after the systems provided for you, but have you any idea how much time, money and stress is caused by Symantec not providing email service providers such as ourselves with a publicly accessible BL checker and de-listing portal? When end-clients get a bounce back five days after sending an important order or contract (because these are the sorts of companies that use Symantec Cloud Services), they come knocking on our doors, demanding compensation and threatening to take their custom elsewhere. We then have to spend hours working out what the problem is, and have to try and do something about it. And when the only IP blocks available these days all seem to have been previously used by spammers, simply buying a new block can get you no further than where you started.

Please pass this back up the line, for Symantec's reputation is slowly going down the drain here: let us see if we are blacklisted by your Cloud Service, and allow us to de-list ourselves in the same way that most other RBLs across the planet do!

...and please de-list 94.23.190.46 as soon as possible, if not sooner. 

A timely response to this post would be appreciated, along with an explanation as to why this issue has been allowed to remain so damaging to email service providers for so long.

Please can you check and unblock any of the following range

94.229.72.34
 

to

94.229.72.62 inclusive

AS per losstheplot the link provided in the error message doesnt actually provide any futher information nor does it give a link to manual delisting which i would have expected.

I have several clients with unique IP addresses suffering from the rejection and yours is the only service blocking some of these IP address.

Hi All,

We are looking at all the IP's mentioned above and will get back to you all ASAP.

Kind regards
Dave parker

Principal Technical Support Engineer

Hi All,

We have now removed the following IP's from our restrictions:

94.23.190.46

37.59.253.190

94.229.72.34 to 94.229.72.62

All other IP's mentioned are clear.

Please allow up to 2 hours for this to take full effect.

PLease accept our apologies for the delayin responding to your queries.

Kind Regards

Dave Parker

Principal Technical Support Engineer

Thank you. Please consider creating a de-listing portal to save everyone a lot of trouble.

You still haven't unblocked our IP 37.59.16.222. and we still are not able to send e-mails.

Hello toniacz89, 

There are currently no restrictions in place for your IP. 

Hi, 

We have issues from our company email server IP address : 5.135.5.104 , 5.135.5.105 , 5.135.5.106 . Could you please unlock them ?

The error is as below:

(host cluster8.eu.messagelabs.com[85.158.140.211] refused to talk to me: 501 Connection rejected by policy [7.7] 19410, please visit www.messagelabs.com/support for more details about this error message.)

Please help

I have a dedicated IP mail server that for some reason is also on the Symantec blacklist.  We're not on any other blacklists

The error I receive is:  

  host cluster3.eu.messagelabs.com [194.106.220.51]
    SMTP error from remote mail server after initial connection:
    501 Connection rejected by policy [7.7] 9203, please visit
www.messagelabs.com/support for more details about this error message.

My IP address is 31.187.71.9

It is causing me severe problems emailing my clients.

We have the same issue with your services;

The error I receive is:

host cluster8.us.messagelabs.com[216.82.251.39] refused to talk to me: 501 Connection rejected by policy [7.7] 16404, please visit www.messagelabs.com/support for more details about this error message.

My IP is: 199.193.249.207

Hello davet1408, 

I've submitted a request to have restrictions lifted from your IP. This should be done in the next 24 hours. 

Hello j_marmol, 

I've just submitted a request to have restrictions lifted from your IP as well. 

Hello thushar, 

I've submitted a request to have restrictions lifted from 3 of your IPs. This should be done within 24 hours. 

Hello,

I also have this problem from my email server : 212.83.130.206

Here is the error message :

host cluster5.eu.messagelabs.com[85.158.136.83] refused to talk to me: 
501 Connection rejected by policy [7.7] 3609, please visit www.messagelabs.com/support 
for more details about this error message.

My email server configuration seems to be correct and my server is not listed in any blacklist...

Can you help me please ?

Hello, 

Got following error: Connection rejected by policy [7.7] 9611,

Checked our server IP at http://ipremoval.sms.symantec.com/lookup/ and response is:

" The IP address you submitted, 104.130.30.245, does not have a negative reputation and therefore cannot be submitted for investigation."


rDNS is setup properly, same as SPF and DKIM


Please check our IP 104.130.30.245.
 

Thank you.

Hi,

Any help ?

Dear Symantec team. I have the similar issue with IP 104.28.16.65 which is hosted by cloudflare.

Dear Symantec team. We have exactly the same issue with our whole ip-range

84.200.55.130 - 84.200.55.158

We never sent spam or anything else, we have filled the removal form several times but nothing happened. please help us.

Having this same issue... not listed anywhere: 198.100.154.101

Thanks

Steve

Having this same issue, my server IP is: 188.165.175.76

Thanks

Modesto

We started to have the same problem with our email not being delivered after we moved to Rackspace. Our IP is 2001:4802:7803:103:be76:4eff:fe20:62f0 and 104.130.31.98

hello we have the same issue with IP  after moving to softlayer   ip is 169.45.171.75  and also 169.45.171.77

thank you

Hi,

We have several mail servers and have this error in some

 host cluster5.us.messagelabs.com [216.82.242.131]
SMTP error from remote mail server after initial connection:
501 Connection rejected by policy [7.7] 7608, please visit www.messagelabs.com/support for more details about this error message.

Please you can delete our address pool ip

192.252.214.195 and 192.252.214.196

Dear Sir,