?
Solved

Symantec Mail Security for Exchange (7.5) - Block PHP Links Unless Whitelisted / Hold Mail and allow to be released

Posted on 2014-12-29
2
Medium Priority
?
394 Views
Last Modified: 2014-12-31
Is it possible to set up a spam filtering rule that will block all emails with PHP links in them unless the email address is whitelisted? Also, can any mail that is blocked be held and reviewed and either deleted/released periodically?
0
Comment
Question by:street9009
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 64

Accepted Solution

by:
btan earned 2000 total points
ID: 40523276
From the below, it may fall in the "If a message contains suspicious URL content" condition but this does not necessary block all PHP links. in fact, i tend to miss the use case why the need for blocking all PHP as some may be legitimate link too. It may be better for the SPAM engine to score that URL and state the action. The whitelist can still applies as required.
http://www.symantec.com/business/support/index?page=content&id=HOWTO53444#v11832917

There is also mention of content filter to handle spoofed url below besides just suspicious URL check
http://www.symantec.com/connect/forums/spoofing-urls-not-blocked

If there are really missed SPAM messages that bypass the check as false negative then you can also consider "customer-specific spam submissions" whereby messages can be submitted to Symantec
http://www.symantec.com/business/support/index?page=content&id=HOWTO77718#v63987512

But do note the "How rules are created and why messages may not result in custom rules" on the check steps
http://www.symantec.com/business/support/index?page=content&id=HOWTO77736#v66562137
0
 

Author Closing Comment

by:street9009
ID: 40525292
Thank you!
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
This article explains how to install and use the NTBackup utility that comes with Windows Server.
In this video we show how to create an Accepted Domain in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.: First we need to log into the Exchange Admin Center. Navigate to the Mail Flow >> Ac…
In this video we show how to create an email address policy in Exchange 2013. We show this process by using the Exchange Admin Center. Log into Exchange Admin Center.:  First we need to log into the Exchange Admin Center. Navigate to the Mail Flow…
Suggested Courses

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question