• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1665
  • Last Modified:

Symantec Mail security for Microsoft Exchamge causing emails to go missing.

Hi Experts,

I have a real mystery on my hands when it comes to email mixed with SMSMSE 5.0 and Exchange 6.5 on a Windows 2003 R2 SP2 Server.

It seems that when emails are coming in from the outside world (ie gmail, hotmail, yahoo, other company addresses) some of the emails are making it through with no issues. They are scanned by SMSMSE and sent to the intended recipient, however other are not making it to the recipient.

To me it looks like the mails are making it the mail store on exchange but not the inboxes, of the recipient.

Here's an example:

I sent a test email to myself from my gmail account to my company accounts and only received the mail on one of the two address we use ( 1 - exchange, 1 - POP3) the only account to receive the email was my exchange account, after checking the spam filter and finding nothing had gotten caught I checked the event viewer ont he server and got this error:

The message "test1 - apr16" located in message with subject "test1 - apr16", located in SMTP has violated the following policy settings:
      Scan: Auto-Protect
      Rule: Allow Word Documents
The following actions were taken on it:
      The message "test1 - apr16" was Logged Only for the following reason(s):
            A Filtering Rule was violated.

after seeing this message in the event viewer my next step was to use message tracking with exchange to see where it had ended up and this is what I got.

see figure 1
the blackout addresses is my exchange account.

To me it looks as though one email canceled out the other, which it shouldn't be doing. I should have received two emails, one from exchange and one from POP3.

However if I send two separate test emails to myself, one directly to exchange and one directly to POP3 I receive them both one for each account. I still receive the soft event viewer error message but the email  makes it to the inboxes.

This behavior is not limited to myself there are others who have noticed this taking place, anyone have a suggestion on where to begin to find the problem?



  • 3
  • 3
1 Solution
Jian An LimCommented:

1. SMSME EOL is on Sep 23, 2009 so it is time to upgrade if you have a chance.
2. if you still have support, contact symantec technical support for help.. they are quite helpful.

this will be also a length post as there are sooo many places that can go wrong when your SMSMSE keep your email.

the easiest way to test whether is SMSME fault is go to policies.
under Content enforcement, there is content filtering rules.

there is rules down there that you enforce.
either uncheck "enable content filtering" or disabled all your rules.

then do your testing again see whether you can replicate the problem.

If it is working, try to turn on 1 by 1.

Also goto exceptions make sure your disposition for all rules is not set to delete entire message

keep me update so i can know think about others if it bring up any in the next few message :)

chris_irvineAuthor Commented:
I have tested all our current rules (individually) and found that the Sample Executable File rule was blocking incoming messages from our POP3 accounts.

I modified the rule for Sample Executable File (more specifically the File Attachment Name under the Rule Content section) from wild card strings to literal strings and emails from our POP3 began to come in with no problems.

It does still look as though some emails are being held up in the mail store, after passing through SMSMSE. I'm going to start looking at posts on EE to see why there seems to be a delay in delivery from exchange in the meantime.

Jian An LimCommented:
all the best with that.

If you think i have answered your question, please kindly close the question :) or else please fire any question regarding this SMSMSE issue.

but i still strongly recommend you to upgrade to the latest version if you could :)
Automating Your MSP Business

The road to profitability.
Delivering superior services is key to ensuring customer satisfaction and the consequent long-term relationships that enable MSPs to lock in predictable, recurring revenue. What's the best way to deliver superior service? One word: automation.

chris_irvineAuthor Commented:
The problem seems to have cleared itself up for some reason, going to have to investigate.

How can I tell if we are do for an upgrade? Would i have to call Symantec to find out?
Jian An LimCommented:
if you have a maintenance agreement with symantec, you are entitled to an upgrade for free.

this website tells you when the version is EOL
chris_irvineAuthor Commented:
If I had known before hand how deep  SMSMSE went I probably wouldn't have asked this question. On the hand I didn't know, hence furthering my education of software we're using.


Featured Post


Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now