Virus Outbreak alert notifications are sent when outbreak detection is triggered by unscannable messages rather than virus infected messages.
When investigating the outbreak using Message Audit Logs (MAL), you find that there are a high amount of unscannable items being triggered. Further investigation using MAL shows these messages to be Malformed MIME and not virus infected.
Sometimes spammers will use software that do not format their spam messages properly. The content of these messages do not meet protocol standards and are rejected as unscannable by the Symantec Messaging Gateway.
Unscannable is a verdict rendered by the virus scanning component, so a large amount of these messages can trigger the virus outbreak alert.
No steps need to be taken for these items provided the Symantec Messaging Gateway has an appropriate action configured for unscannable items. The Symantec Messaging Gateway is functioning as designed by triggering the unscannable verdict for malformed messages.
With SMG version 10.0.0 and later, Virus Outbreak alerts will no longer be triggered by groups of unscannable messages.
Customers are encouraged to update to the latest availble release at their earliest convenience.
Imported Document ID: TECH157545
Subscribing will provide email updates when this Article is updated. Login is required.