Email Security.cloud

 View Only

  • 1.  IP removal from symantec blacklist - snow shoe spamming

    Posted Mar 02, 2017 10:40 AM

    My client hosts an uncompromised mailserver on 76.9.192.150. IP lookup on the Symantec page shows that the IP has a negative reputation: "The host has been observed sending spam in a format that is similar to snow shoe spamming techniques."  Removal via web form only results in temporary unblocking.

    The IP is not listed on any other blacklists, and the server, as well as all workstations, have been scanned thoroughly and are clean.

    Please let me know what we can do to clear the reputation for our IP permanently.

    Kind regards,

    Doug



  • 2.  RE: IP removal from symantec blacklist - snow shoe spamming

    Posted Mar 03, 2017 08:08 AM

    Hi Doug,

    The best course of action in your situation is to work directly with our threat analysts to get useful feedback so this can be resolved permanently. We have an article written for this purpose.

    https://support.symantec.com/en_US/article.TECH828...

    In a nutshell, they can be reached at a specific email address.

    Investigation@review.symantec.com

    When reaching out to them, it would be preferable to provide an example of bounce back, sending server IP as you listed above, and an example of mail that you are sending. Once you submit this information, allow up to 7 business days for their investigation to complete and feedback be provided. This should either resolve it outright, or provide you with more information on why it cannot be changed at this time.

    Regards,

    Ben Beaulieu
    Sr Technical Support Engineer