Symantec Mail Security for Microsoft Exchange. Same Subject Outbreak triggers without the required number of messages.
Last Updated July 18, 2014
You receive Same subject outbreak notifications. When you review the Exchange logs you do not see the number of messages required to trigger the outbreak.
Symantec Mail Security for Microsoft Exchange calculates the number of messages with the Same Subject based upon the scan requests placed by Microsofts Virus Scanning API (VSAPI). When the scan request is made VSAPI provides the message Subject and Attachment Name. Messages with multiple attachments will trigger outbreaks from fewer messages because we record the Subject for each scan request and a scan request will be issued for each attachment.
This is working as designed. Message bodies, including the subject line, typically do not contain threats or security risks. In the event of the Same subject outbreak being triggered this can be cleared. To clear the outbreak log into the console, select policies from the menu and under tasks select clear current outbreak.
Imported Document ID: TECH182987
Subscribing will provide email updates when this Article is updated. Login is required to Subscribe