symantec smtp mail filter help
I'm hoping someone out there has done this already. I am currently using symantec's mail security for smtp. I have been using the ldap sync to let it dump mail to invalid recipients up front. Using version 5.0.1 on W2k3 server. The autofill settings for ldap synchronization DO NOT find secondary smtp addresses. I have an account created for marketing purposes that has SEVERAL secondary addresses setup and have to turn ldap lookup off in order for mail to those addresses to pass through. Symantec tech support tells me they don't support the cusomization of the ldap querry that would enable to filter to inlcude secondary smtp adresses, but someone familiar with ldap could modify to querry to do that. anyone able to help with that? here is what the current querry looks like: ((|(objectCategory=group)(objectCategory=person))((|(mail=*)(proxyAddresses=*))(sAMAccountName=*))) ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: symantec smtp mail filter help
I can't help with your LDAP query, but I'm also a Symantec Mail Security for SMTP user. I decided not to use their LDAP sync feature after support told me it sends out an NDR for every e-mail sent to an invalid recipient. I didn't want to send that much backscatter out onto the Internet. Just something to think about. Richard Osborne Information Systems Jackson-Madison County General Hospital NOTICE: (1) The foregoing is not intended to be a legally binding or legally effective electronic signature. (2) This message may contain legally privileged or confidential information. If you are not the intended recipient of this message, please so notify me, disregard the foregoing message, and delete the message immediately. I apologize for any inconvenience this may have caused. From: Jeff Brown [mailto:2jbr...@gmail.com] Sent: Friday, March 13, 2009 10:38 AM To: MS-Exchange Admin Issues Subject: symantec smtp mail filter help I'm hoping someone out there has done this already. I am currently using symantec's mail security for smtp. I have been using the ldap sync to let it dump mail to invalid recipients up front. Using version 5.0.1 on W2k3 server. The autofill settings for ldap synchronization DO NOT find secondary smtp addresses. I have an account created for marketing purposes that has SEVERAL secondary addresses setup and have to turn ldap lookup off in order for mail to those addresses to pass through. Symantec tech support tells me they don't support the cusomization of the ldap querry that would enable to filter to inlcude secondary smtp adresses, but someone familiar with ldap could modify to querry to do that. anyone able to help with that? here is what the current querry looks like: ((|(objectCategory=group)(objectCategory=person))((|(mail=*)(proxyAddr esses=*))(sAMAccountName=*))) ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: symantec smtp mail filter help
Are you sure it doesn't do the check during SMTP and just return a 5xx invalid recipient to the still connected sending server? That is the point of these kinds of LDAP lookups generally. I HOPE the support guy misspoke.. From: Osborne, Richard [mailto:richard.osbo...@wth.org] Sent: Friday, March 13, 2009 12:32 PM To: MS-Exchange Admin Issues Subject: RE: symantec smtp mail filter help I can't help with your LDAP query, but I'm also a Symantec Mail Security for SMTP user. I decided not to use their LDAP sync feature after support told me it sends out an NDR for every e-mail sent to an invalid recipient. I didn't want to send that much backscatter out onto the Internet. Just something to think about. Richard Osborne Information Systems Jackson-Madison County General Hospital NOTICE: (1) The foregoing is not intended to be a legally binding or legally effective electronic signature. (2) This message may contain legally privileged or confidential information. If you are not the intended recipient of this message, please so notify me, disregard the foregoing message, and delete the message immediately. I apologize for any inconvenience this may have caused. From: Jeff Brown [mailto:2jbr...@gmail.com] Sent: Friday, March 13, 2009 10:38 AM To: MS-Exchange Admin Issues Subject: symantec smtp mail filter help I'm hoping someone out there has done this already. I am currently using symantec's mail security for smtp. I have been using the ldap sync to let it dump mail to invalid recipients up front. Using version 5.0.1 on W2k3 server. The autofill settings for ldap synchronization DO NOT find secondary smtp addresses. I have an account created for marketing purposes that has SEVERAL secondary addresses setup and have to turn ldap lookup off in order for mail to those addresses to pass through. Symantec tech support tells me they don't support the cusomization of the ldap querry that would enable to filter to inlcude secondary smtp adresses, but someone familiar with ldap could modify to querry to do that. anyone able to help with that? here is what the current querry looks like: ((|(objectCategory=group)(objectCategory=person))((|(mail=*)(proxyAddresses=*))(sAMAccountName=*))) ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: symantec smtp mail filter help
From the case log: -advised customer that invalid recipients would still send an NDR back to the sender. This is due to RFC requirements for accepting ownership of messages. Your way makes much more sense to me, but he seemed to know the product and that's what he said. I'm no SMTP expert, but it sounds like they are accepting the message before validating the recipient. From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Friday, March 13, 2009 11:38 AM To: MS-Exchange Admin Issues Subject: RE: symantec smtp mail filter help Are you sure it doesn't do the check during SMTP and just return a 5xx invalid recipient to the still connected sending server? That is the point of these kinds of LDAP lookups generally. I HOPE the support guy misspoke.. From: Osborne, Richard [mailto:richard.osbo...@wth.org] Sent: Friday, March 13, 2009 12:32 PM To: MS-Exchange Admin Issues Subject: RE: symantec smtp mail filter help I can't help with your LDAP query, but I'm also a Symantec Mail Security for SMTP user. I decided not to use their LDAP sync feature after support told me it sends out an NDR for every e-mail sent to an invalid recipient. I didn't want to send that much backscatter out onto the Internet. Just something to think about. Richard Osborne Information Systems Jackson-Madison County General Hospital NOTICE: (1) The foregoing is not intended to be a legally binding or legally effective electronic signature. (2) This message may contain legally privileged or confidential information. If you are not the intended recipient of this message, please so notify me, disregard the foregoing message, and delete the message immediately. I apologize for any inconvenience this may have caused. From: Jeff Brown [mailto:2jbr...@gmail.com] Sent: Friday, March 13, 2009 10:38 AM To: MS-Exchange Admin Issues Subject: symantec smtp mail filter help I'm hoping someone out there has done this already. I am currently using symantec's mail security for smtp. I have been using the ldap sync to let it dump mail to invalid recipients up front. Using version 5.0.1 on W2k3 server. The autofill settings for ldap synchronization DO NOT find secondary smtp addresses. I have an account created for marketing purposes that has SEVERAL secondary addresses setup and have to turn ldap lookup off in order for mail to those addresses to pass through. Symantec tech support tells me they don't support the cusomization of the ldap querry that would enable to filter to inlcude secondary smtp adresses, but someone familiar with ldap could modify to querry to do that. anyone able to help with that? here is what the current querry looks like: ((|(objectCategory=group)(objectCategory=person))((|(mail=*)(proxyAddr esses=*))(sAMAccountName=*))) ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
RE: symantec smtp mail filter help
Now that you quote that I remember seeing this about Symantec before and their silly RFC claim. You do not accept ownership of the message until you 250 OK at the end of the transaction. Sending 5xx after receipt to leaves ownership with the sending server, is fully RFC compliant and the best way to do it. I applaud you for not sending backscatter, very cool. From: Osborne, Richard [mailto:richard.osbo...@wth.org] Sent: Friday, March 13, 2009 12:50 PM To: MS-Exchange Admin Issues Subject: RE: symantec smtp mail filter help From the case log: -advised customer that invalid recipients would still send an NDR back to the sender. This is due to RFC requirements for accepting ownership of messages. Your way makes much more sense to me, but he seemed to know the product and that's what he said. I'm no SMTP expert, but it sounds like they are accepting the message before validating the recipient. From: Kennedy, Jim [mailto:kennedy...@elyriaschools.org] Sent: Friday, March 13, 2009 11:38 AM To: MS-Exchange Admin Issues Subject: RE: symantec smtp mail filter help Are you sure it doesn't do the check during SMTP and just return a 5xx invalid recipient to the still connected sending server? That is the point of these kinds of LDAP lookups generally. I HOPE the support guy misspoke.. From: Osborne, Richard [mailto:richard.osbo...@wth.org] Sent: Friday, March 13, 2009 12:32 PM To: MS-Exchange Admin Issues Subject: RE: symantec smtp mail filter help I can't help with your LDAP query, but I'm also a Symantec Mail Security for SMTP user. I decided not to use their LDAP sync feature after support told me it sends out an NDR for every e-mail sent to an invalid recipient. I didn't want to send that much backscatter out onto the Internet. Just something to think about. Richard Osborne Information Systems Jackson-Madison County General Hospital NOTICE: (1) The foregoing is not intended to be a legally binding or legally effective electronic signature. (2) This message may contain legally privileged or confidential information. If you are not the intended recipient of this message, please so notify me, disregard the foregoing message, and delete the message immediately. I apologize for any inconvenience this may have caused. From: Jeff Brown [mailto:2jbr...@gmail.com] Sent: Friday, March 13, 2009 10:38 AM To: MS-Exchange Admin Issues Subject: symantec smtp mail filter help I'm hoping someone out there has done this already. I am currently using symantec's mail security for smtp. I have been using the ldap sync to let it dump mail to invalid recipients up front. Using version 5.0.1 on W2k3 server. The autofill settings for ldap synchronization DO NOT find secondary smtp addresses. I have an account created for marketing purposes that has SEVERAL secondary addresses setup and have to turn ldap lookup off in order for mail to those addresses to pass through. Symantec tech support tells me they don't support the cusomization of the ldap querry that would enable to filter to inlcude secondary smtp adresses, but someone familiar with ldap could modify to querry to do that. anyone able to help with that? here is what the current querry looks like: ((|(objectCategory=group)(objectCategory=person))((|(mail=*)(proxyAddresses=*))(sAMAccountName=*))) ~ Ninja Email Security with Cloudmark Spam Engine Gets Image Spam ~ ~ http://www.sunbeltsoftware.com/Ninja~
