Error occurred during email submission

Products

Email Security.cloud Email Threat Detection and Response

Issue/Introduction

Users are unable to submit false negative emails using Email Security.Cloud submission add-in.

Error occurred during email submission

Environment

Email Security.cloud
Outlook Email Submission add-in
Windows 7 or later

Cause

The issue may be caused due to:

The Symantec submission infrastructure is unable to process the false negative submission due to an error on the back end processing servers.
The outlook email client is unable to establish a connection to the Email Security.cloud infrastructure to process the false negative submission

Resolution

To help in troubleshooting problems with network connectivity and firewall rule implementations, included below are step by step commands that can be executed.

Once all of the information has been gathered, create a compressed archive of the text files, along with the submitter's Email Address and contact our Symantec technical support by opening a support case with this information for analysis.

Before proceeding, make sure you have completed the steps in the "Before you install" section in the article: Install Outlook Email Submission Add-in.

Prerequisites

On the client computer, perform an operating system level connectivity test on established ports from machine/firewall to destination server/firewall. The test should verify routing, DNS resolution, network address translation, ports, and URLs where applicable.

Make sure to allow the following ICMP types temporarily at the firewall level. Enabling access to these types is needed to produce the required responses from the network path.

Type 0 - Echo Reply (ping response)
Type 8 - Echo Request (ping request)
Type 11 - Time Exceeded

To run a Telnet

Note for Windows 7 users; you may have to enable the Telnet client/command. To enable telnet on Windows 7, search in the start menu for “Turn Windows features on or off.” Click on the menu item and turn on the “Telnet client.”

Open Command Prompt (cmd) as the administrator
Enter the following command

telnet submissions.emailsecurity.symantec.com 443 > C:\submission_telnet.txt

If the connection is successful, the resulting output should be displayed

[root]# telnet submissions.emailsecurity.symantec.com 443
Trying 117.120.18.126...
Connected to api.emailsecurity.symantec.com.
Escape character is '^]'.

If the connection fails, make sure to allow access to api.emailsecurity.symantec.com and submissions.emailsecurity.symantec.com on port 443 at the firewall level.

To run a TCP Traceroute

Download and install WinPcap.
Download and install Trace TCP.
Once TraceTCP has been installed, open a command prompt (cmd) as the administrator and enter: tracetcp [add server address here]:[porthere].

tracetcp submissions.emailsecurity.symantec.com:443 -c > c:\submission_tcp.txt

Once the TCP traceroute is completed, please review the text file(s) and make sure that it contains information that can be analyzed. If the file shows information as shown below:

[117.120.18.126:443]  1    *    *    *    Request timed out.
[117.120.18.126:443]  2    *    *    *    Request timed out.
[117.120.18.126:443]  3    *    *    *    Request timed out.

Make sure that ICMP traffic is not being blocked at the firewall level. Once these types have been allowed, run the TCP trace command again, the file should display the path as shown below.

Tracing route to submissions.emailsecurity.symantec.com [117.120.18.126]
over a maximum of 30 hops:

  1     1 ms     1 ms     1 ms  todsrcatdsd01-vlan100.org.symantec.com [192.168.2.2]
  2     2 ms     1 ms     2 ms  ton1-rpi-wan-1-g0-0.org.symantec.com [192.168.2.129]
  3    34 ms     9 ms     8 ms  188.153.13.111
  4   123 ms    92 ms    92 ms  messagelabs-1.bar2.phx2.us.bb.symantec.net [70.255.255.194]
  5    98 ms    98 ms    98 ms  submissions.emailsecurity.symantec.com [117.120.18.126]

Trace complete.