Update 15/05/2022 23:00
Another two years pass, and we’re still blocked by Broadcom’s MessageLabs platform and they still continue to ignore our reporting of false positives. The amount of companies and governmental services that unfortunately use Broadcom’s MessageLabs platform is staggering. It is used by several police departments within the UK, which during an incident we were trying to assist with in June 2020, we actually couldn’t email the police with vital information that could have saved someone’s life. Unfortunately due to this technical negligence we were unable to get the information to them in a timely manner. It may have made no difference, but this surely can’t be acceptable?
Update 05/05/2020 20:37
We have again tried to contact support at Symantec for help with this issue. We unfortunately were unable to get anywhere this time either, though it appears that they have now been bought out by Broadcom. They couldn’t answer any of my queries because I was not a customer, and couldn’t transfer me to anyone else who could help.
The lady I spoke to was working from home but she was dealing with calls on the enterprise support line and unfortunately she didn’t understand anything of what I was saying. Although, she was trying to be helpful, her supervisors didn’t care and directed me to an incorrect “Report False Positive” page for their Antivirus product. After an hour and a half I terminated the call with some sage wisdom. I suggested that she consider working for a different company who care about their customers, the people affected by their customers and people affected by their services. I told her to look after herself and stay safe.
During this time, it is critical for people to be able to email each other, and we’ve been trying to fix this problem for over a year with no assistance. My recommendation still remains to avoid Symantec (which are now Broadcom) as best as you can.
If you want to try and help us, please submit our IP on Symantec’s IP Reputation Investigation page. (Our IP is 46.4.170.226 and we do not send spam.)
If you’d like to get in touch with us about this, please use our General Contact Us form
[Original Post]
Over a year ago, we started receiving support requests from customers who said that their emails were not being delivered. We investigated the issue and found out that all the emails that were disappearing ended up being received by a Symantec ‘MessageLabs’ endpoint.
This filtering service is intended to filter out suspected spam e-mails, however when the system detects your message as spam, it does not make any effort to inform the sender that their message won’t be delivered to the intended recipient. The ‘MessageLabs’ system just deletes the message and doesn’t inform the recipient or the sender. This is a practice called ‘Blackholing’, which is very much considered bad netiquette as it makes diagnosing problems like this very difficult.
Symantec does offer a page to check the IP address of your server and to request a delisting. However, this is only useful if you know that you’re being filtered by the ‘MessageLabs’ platform. Another issue with this page is it does not function. You can submit your information as many times as you like, from different browsers, different locations and it does not work. Each time you make a submission you are also required to complete a Google Recaptcha. After you’ve made dozens of requests, this gets extremely frustrating.
After having no luck with their reputation/spam delisting process, the furthest information we were ever able to get was that our IP did not have enough mail sent from it to make a decision whether it was spam or not, therefore it marks us as unsolicited email and prevents delivery to the intended recipient.
I then went onto the Symantec forums and posted about the issue, only to find that I was not the only person dealing with the same problem, there were over 10 posts describing similar issues. My thread, to this day almost 8 months later, there hasn’t been a single reply from a Symantec employee.
More than frustrated, I decided to give Symantec’s enterprise support line a call and explain the issue I was facing. The lady I spoke to was incredibly unhelpful explaining that since I was not a customer, she could not talk to me. She gave me an email address to message to enquire about the service. Of course, I asked her if they used the same mail filter on their addresses that they use on their platform – something she couldn’t give me an answer to – to make sure that this wasn’t an exercise in futility.
To this day, I have not received any reply from Symantec, their agents or their employees. This is such a bad demonstration for a company responsible for internet mail delivery. A lot of government institutions use the ‘MessageLabs’ platform and would be unaware that legitimate emails are being blocked.
To summarise, Symantec’s IP reputation and delisting system does not work, they ‘blackhole’ emails that they have no intention of delivering and they do not inform the sender that the email delivery has failed (either in the SMTP response, or later with a system like DMARC reporting).
If you are considering using the Symantec ‘MessageLabs’ email filtering technology, please be aware that they do not respond to appropriate communications from other server administrators on the internet and certainly do not follow standard practice with regards to email delivery.
Are Symantec really this bad? Yes. Is their ‘MessageLabs’ platform awful? Yes, and it’s also harmful to the ecosystem of the internet at large. I would strongly suggest researching a company’s policies and reviewing how they respond to legitimate queries as an indication of how your reputation could be affected because they have made automated decisions about your mail without consulting you.
Therefore, our recommendation is that this is a product / service to be avoided.