Solved

Symantec mail security for Exchange 2000

Posted on 2004-04-27
9
932 Views
Last Modified: 2008-02-20
Hello everyone

i am running exchange 2000 and i have installed the symantec mail security for exchange for the spam and virus filters. The problem i am having is alot of our email that are getting sent to us that are not spam are getting block. Is there a way i could exclude domain names or email address's from getting block in the filter?
0
Comment
Question by:novacopy
  • 3
  • 2
  • 2
  • +2
9 Comments
 
LVL 1

Accepted Solution

by:
tbone106 earned 250 total points
Comment Utility
You can add the domains to the whitelist, I would however check to see what your spam setting is set to. Set too high, and your going to get a bunch of false positives.
0
 
LVL 4

Author Comment

by:novacopy
Comment Utility
There isnt a place to add a whitelist. I have gone through my settings many times they still seem to catch emails that arnt spam. Symantec needs a better logging of events so i can really see what is triggering it to think its spam in emails that arn't spam.
0
 
LVL 1

Expert Comment

by:tbone106
Comment Utility
We use their SMTP gateway product to filter spam/virus -- which supports whitelists and different spam detection levels.

I'm surprised your version doesn't support these functions....Are you using exchange as your SMTP transport? If, you might want to use Symantecs SMTP gateway product -- standard for Enterprise customers...

0
 
LVL 4

Author Comment

by:novacopy
Comment Utility
we are just using Symantec MS for Microsoft Exchange 4.0 and also we have the Symantec system center.

in the SMSME it has a feature for dnsblacklist but no whitelist. how well does your symantec smtp gateway work?
0
Do You Know the 4 Main Threat Actor Types?

Do you know the main threat actor types? Most attackers fall into one of four categories, each with their own favored tactics, techniques, and procedures.

 
LVL 1

Expert Comment

by:tbone106
Comment Utility
To be honest, not as well as I like it to. We have configured all the spam/virus blocking features and still receive a great deal of spam (don’t get me wrong, we also catch a good deal). The DNSBL works but is catching less spam as time goes on.  Our servers are working overtime with all the spam and virus detection. I think our next step is to find a service agreement type arrangement whereas a third party (which all they do is spam and virus detection) filter all our email for spam and viruses and deliver the good stuff to us – interesting enough, cost about is about the same as keeping our Symantec contract.
0
 
LVL 11

Expert Comment

by:turn123
Comment Utility
novacopy, Please respond to the comments from the Experts.
See:  http://www.experts-exchange.com/help.jsp#hi49 Thank you, turn123 (s)
0
 

Expert Comment

by:mark1per
Comment Utility
You have to creat a whitelist in in you match list and then add the domain to ie. *@domain.com
that way it will not scan that particular email from email coming from those people.  Also you after you have created a whitelist you have to go to the policies that you have created and use the unless command of example
you have a policy saying
If Message body contains a member of (matchlist) Message body[whole words only]
Unless sender Contains a member of (matchlist) Whitlist
0
 

Expert Comment

by:wtc30
Comment Utility
I have found this question and response useful in my tuning of Symantec Mail Security for Exchange.  I have a question on the White List.  When creating the list, you are asked to select whether the list contains:
 Literal strings
 Regular expressions
or
 DOS wild card style expressions
Which should be selected.  Here is a few entries from my white list.  This may help to determine which I should select.  My guess would be Dos Wild Card style expressions.
*@shingmark.com
jmillnerdesigns@aol.com
leal46@aol.com
*@jennison.com
Thank you.
0
 

Expert Comment

by:mark1per
Comment Utility
Yes you are correct you would have to use DOS Wildcard expression.
0

Featured Post

Top 6 Sources for Identifying Threat Actor TTPs

Understanding your enemy is essential. These six sources will help you identify the most popular threat actor tactics, techniques, and procedures (TTPs).

Join & Write a Comment

Article by: Rob
Notes 8.5 Archiving Steps and Tips This article covers setting up a Notes archive, and helps understand some of the menu choices making setting up and maintaining a Notes archive file easier.
I annotated my article on ransomware somewhat extensively, but I keep adding new references and wanted to put a link to the reference library.  Despite all the reference tools I have on hand, it was not easy to find a way to do this easily. I finall…
The viewer will learn how to set up a document for the web and print and the recommended PPI for printing.
Viewers will learn how to use the Hootsuite Dashboard.

728 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now