Quantcast
Channel: Symantec Connect - Products
Viewing all 21587 articles
Browse latest View live

AD Attribute lookup

September 21, 2017, 12:26 am
$
0
0
I need a solution

Hello guys,

I have done DLP 14.6 installation and had also integrated Active Directory with Symantec DLP.

Now I want to create custome attributes and want to map it in symantec DLP

How can I achive that.?

How to create attribute mapping script from AD in symantec DLP console?

EX. attr.LDAP\ givenName=:(|(sAMAccountName=$endpoint-user-name$)(mail=$sender-email$)):givenName
attr.LDAP\ telephoneNumber=:(|(sAMAccountName=$endpoint-user-name$)(mail=$sender-email$)):telephoneNumber

Could any one help me with the explanation of above script.

Thanks

Kunal S

0
Search

Host Integrity Policy - SEP14 MP2

September 21, 2017, 12:53 am
$
0
0
I need a solution

Hi,

I am going to create host integrity policy in our organization, we are using SEP14 MP2 version, I want to know how host integrity policy work? and I'm looking to use these options "Install antivirus if it has not been installed on the client" and "start antivirus if it is not running on the client" how this discovers without SEP machines on the network?

How to give execute command? What are the execute commands available for host integrity policy? Anyone please share the above details

0

DLP issues discovered

September 21, 2017, 1:54 am
$
0
0
I need a solution

Hi everybody.

We are facing the following issues on DLP solution installed in our customer’s production environment.

  • We need to detect credit card numbers through the following protocols: Local Disks, External Disks, Network Shares, Clipboard, Print, SMTP and CD/DVD.
    • If I use Local Disks, External Disks, Network Shares and Clipboard protocols, it’s required a separator (before or after 16 digits) to detect a valid credit card number
    • If I use Print and SMTP protocols, credit card number is directly detected (without using a separator)
  • I need to intercept mails sent to external email accounts. We haven’t a finished list, so I set a REGEX to intercept all email accounts except those related to our customer.
    • By reading official documentation, a REGEX works on all message components, although I flagged some component (e.g. I excluded “Body” component).
    • This is a situation no happy for me: if I forward a previous mail (containing a credit card number and sent to an external mail account) to internal mail account now, will be triggered 2 policies:
      • That one for monitoring of internal use à correctly
      • That one for monitoring of external use à not correctly, because the REGEX always looks body section of the entire message (where there is my previous mail to external mail account), although I excluded “Body” component.

Could you help me please ?

Best regards,

Luigi

0

Outbreak Management

September 21, 2017, 3:57 am
$
0
0
I need a solution

Dear Community,

I'd like to ask for your help. I've set up Outbreak Managament according to the documentation but it seems I've misconfigured something, because it simply won't do what I want.

My goal is simple: SMSME automatically recognizes mass spams and handle it accordingly.

  1. I've enabled advanced scanning options for Auto-Protect scanning
  2. Enabled "Quarantine Triggered Subjects" default content filtering rule -> LOG only, because I want to test it
  3. Enabled "Same Subject" outbreak rule, and Update Match List
  4. Added "Outbreak Triggered Subject Lines" rule
    • In Users tab, I've added some mail addresses with wildcard (*) that should NOT be considered as spammer if sending a tons of emails

With this done, I thought it is going to work. However, when a user in my domain is trying to send mass emails, SMSME alerts me every time which is not good. Not to mention that when I see mass emails from outside are not even recognized by Outbreak Management.

Thank you and looking forward to your answer,
Csaba

0

Associer 2 licences utilisateurs

September 21, 2017, 6:01 am
$
0
0
I need a solution

Bonjour,

J'ai 50 utilisateurs dans mon réseau mais j'ai 2 installations de 25 utilisateurs chacunes.

Est-ce possible d'associer les 2 licences dans un même serveur ?

Cordialement.

0

External senders don't receive 552 5.3.4 NDR

September 21, 2017, 6:31 am
$
0
0
I need a solution

Hi All,

We use Exchange 2010 SP2 as CAS+Hub Transport+Mailbox and Brightmail 10.6.3-2. The limit for inbound messages is 30MB on Brightmail and 20MB on Exchange.

When an external sender try to send a message to non-existing user (in our organizsation) he gets the NDR:

"The e-mail address you entered couldn't be found. Please check the recipient's e-mail address and try to resend the message. If the problem continues, please contact your helpdesk." - works correctly.

But when the same sender tries to send a message with size more then 20MB he won't get the NDR. The only delivery problem report I can see is in brightmail log:

"552 5.3.4 message size exceeds fixed maximum message size"

My questions are

"How to configure Brightmail to send NDR for 552 5.3.4?"

or

"How to redirect NDR fro Exchange to the original sender?"

Please assist.

Regards,

0

Removal request

September 21, 2017, 6:49 am
$
0
0
I need a solution

Hello support !

I would like to ask you to check if your mail server are blocking our IP addresses. When trying to connect to your servers I get timeout :

telnet cluster1.eu.messagelabs.com 25
Trying 85.158.136.67...
telnet: connect to address 85.158.136.67: Connection timed out

The IP of our server is 148.251.152.171

Could you check ?

thank you in advance

Andrzej Zielinski

0

SymantecDLPITAnalytics Hardware requirement and configuration

September 21, 2017, 6:51 am
$
0
0
I need a solution

Hello,

I like to probe the SymantecDLPITAnalytics that comes with the dlp 14.6 installers , but I dont find information about the hardware requirements and your configuration.

someone implemented it?

Regards

0
Search

Mensagens recebem bypass

September 21, 2017, 6:57 am
$
0
0
I need a solution

Bom dia,

gostaria de saber se alguem já evidenciou e-mails que chegam no formato send-conta_de_email-1618-meu_dominio.com.br-8@dominio_do_spam.com.br que no caso, usa uma conta de e-mail valida como meu dominio @ o dominio do remetente do spam e recebem bypass? Creio que o bypass esteja sendo dado por haver o meu dominio no endereço de e-mail, ja criei filtros de conteudo para bloquear estas mensagens mas, não conseguem bloquea-las, ao que parece, que elas recebem o bypass antes de serem analisadas pelo content filter.

Obrigado,

Felippe.

0

connect to clusterxx.us.messagelabs.com...Connection refused

September 21, 2017, 7:03 am
$
0
0
I need a solution

I haven't needed to email many people behind Symantec 'messagelabs' protection, but this 'connection refused' issue has come up again, so I'm checking it out further.

My mail server was assigned a new public IP address (74.117.210.6) some time back and I've been unable to email 'messagelabs' recipients since.

I've checked the lookup tool (http://ipremoval.sms.symantec.com/lookup/) against my mail server IP and it came back clean.

My situation seems very simlar to this one where an *internal* list at Symantec was involved:
https://www.symantec.com/connect/forums/connect-cl...

0

How to stop a Agent services and view the dump file - Dlp enpoint

September 21, 2017, 7:08 am
$
0
0
I need a solution
Hello ,
 
In the enforce console, one agent indicate the following warning:
 
SummaryAgent was crashed and process dump is available for analysis
DetailAgent service is crashed. Agent crashddump is available on the Endpoint for analysis
CategoryCrash Dump Status
SubCategoryAgent crash dump available on endpoint for analysis
 
I like to view the information of this dump file, but from the enforce console its not possible to stop the agent.
Only the WDP service is running in the desktop , this service point to"C:\Program Files\Manufacturer\Endpoint Agent\wdp.exe"
 
Its possible to force this service stop? Its any workaround from this issue?
And there is any tool from symantec I can use to view the dump files?
 
Regards
0

501 Connection rejected by policy [7.7] 20604 IPs ALL Clean URGENT

September 21, 2017, 8:02 am
$
0
0
I need a solution

Hi,

I already check http://ipremoval.sms.symantec.com/lookup/, but my IPs  does not have a negative reputation. I have a client waiting for my service proposal
and he does not receive my email.

MY IPs
64.187.229.179
64.187.229.180
64.187.229.181

Bruno 

2017-09-21 11:36:05 1dv2aA-0005AW-AO ** XXXXXXXXXXXX R=dkim_lookuphost T=dkim_remote_smtp H=cluster4.eu.messagelabs.com [85.158.139.211]: SMTP error from remote mail server after initial connection: 501 Connection rejected by policy [7.7] 20604, please visit www.messagelabs.com/support for more details about this error message.
2017-09-21 11:36:05 1dv2aA-0005AW-AO ** XXXXXXXXXXXXXX R=dkim_lookuphost T=dkim_remote_smtp H=cluster4.eu.messagelabs.com [85.158.139.211]: SMTP error from remote mail server after initial connection: 501 Connection rejected by policy [7.7] 20604, please visit www.messagelabs.com/support for more details about this error message.

0

Emails to messagelabs customers being blocked with 553 Message filtered

September 21, 2017, 8:39 am
$
0
0
I need a solution
Hello,
 
In the last few days all of our corporate emails to certain clients are being blocked, with the same response:
 
553 Message filtered. Refer to the Troubleshooting page at http://www.symanteccloud.com/troubleshooting for more information. (#5.7.1) 
 
We have checked against the troubleshooting page and cannot see anything wrong. We have a suspicion that it may be due to a recent change for one of our clients where we routed the emails being sent from the platform we provide them through messagelabs. Each email sent was also being BCC'd to one of our email address for auditing purposes, and we wonder if this has flagged something up at your end? We have reversed this now.
 
I have emailed investigation@review.symantec.com with more info, but we also thought we would try here in case we get a faster response as it's causing us a number of problems.
 
Any help would be very much appreciated!
 
Regards,
 
Nathan.
0

ATP

September 21, 2017, 9:33 am
$
0
0
I need a solution

Hi All,

Could anyone please confirm if ATP components and SEPM should have access to Symantec’s Cloud (for example, checking the reputation in cloud.)

As part of the POC effort for a few weeks, it may be required to test the different functionality of EDR for which we may need to have connectivity to cloud in order to have product updates or content updates. If yes, could you provide the requirements (example,Domain names, ports), as we need to check the feasibility with network Infra team.

Thanks in advance.

0

How do I backup my custom exeptions and settings on an unmanaged client?

September 21, 2017, 10:18 am
$
0
0
I need a solution

Hello! I'm using an unmanaged client. A few days ago, I started getting the message "Proactive Threat Protection is not functioning correctly." I've tried using SymDiag.exe, and updating from 14.1 to 14.2, but nothing I try seems to fix the error. I'm just going to try uninstalling and reinstalling Symantec, but I have a lot of custom settings and file/folder exeptions that I don't want to redo. I know that with SEP Manager, you can control and backup these settings, but I can't seem to find any info about an unmanaged client. Is there a way to backup and restore these setings after I reinstall it? Do I need to install Manager, backup my settings, reinstall SEP, restore my settings, and uninstall Manager? Thanks!

0
Search

SMG JumboFrame support (MTU Size)

September 21, 2017, 10:23 am
$
0
0

Maybe can help look into supporting JumboFrames for SMG? Currently SMG MTU is Limited to 1500. 

Just want to share my experience with SMG MTU limitation, we have a requirement to increase MTU to higher than 1500 but unfortunately SMG cannot support JumboFrames. Maybe can include it to SMG additional feature in the near future. Thanks.

Multiple attacks on my computer, help!!!!

September 21, 2017, 10:35 am

Emails being blocked by massagelabs

September 21, 2017, 4:27 pm
$
0
0
I need a solution

Hello.

The IP of my Dedicated Server is being blocked in e-mail submissions to recipients using messagelabs

My Server IP is 216.245.210.218

Hostname is server.brzoom.com.br

See this:

This message was created automatically by mail delivery software.

A message that you sent could not be delivered to one or more of its recipients. This is a permanent error. The following address(es) failed:

  Enos.SOARES@danone.com
    host cluster5.eu.messagelabs.com [85.158.138.179]
    SMTP error from remote mail server after initial connection:
    501 Connection rejected by policy [7.7] 16909, please visit www.messagelabs.com/support for more details about this error message.

Also, see image attached, please.

Plese, check it for me.

Thank you for helping me.

0

Header Rewrite SG300

September 22, 2017, 1:20 am
$
0
0
I need a solution

Hello together,

i have a problem with a sepecific Homepage where the http header is been rewritten by onknown reasons. May anyone can help me here.

Has the bluecoat any options to do such thing ? I've only found a option in the VPM ("Add Request Header Object") but there isn't such thing configured. So the normal header of the website should be used.

False Header after access the website through the Proxy:

User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; WOW64; Trident/7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; Media Center PC 6.0; .NET4.0C; .NET4.0E; MAFS; InfoPath.3; Open Codecs 0.85.17777)

This has to be the header instead:

User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko

0

""Go to Meeting" Exceptions

September 22, 2017, 1:35 am
$
0
0
I need a solution

Hello Everyone, 

"Go to Meeting" is constantly being blocked after adding exclusions on the exceptions and Application control. If you have a solution in mind please share. 

Thank you, 

Kind Regards.

0
Viewing all 21587 articles
Browse latest View live
Search
<script src="https://jsc.adskeeper.com/r/s/rssing.com.1596347.js" async> </script>