A URL previously clicked on and that was allowed is now being blocked by the Click-time URL Protection service.

Symantec Advanced Threat Protection Email

There are several reasons why this may occur:

• The Click-time URL Protection service may have previously been disabled.
• The Domain in question was previously listed on your organization's Click-time URL Protection whitelist, but has now been removed.
• The content of the destination website has changed and access to the site is no longer considered safe.

Submitting a False Positive sample for analysis

You can send your suspected False Positive sample as an email attachment to the following address:

[email protected]

Instructions on how to attach samples for common email clients are provided below. For all other email clients, refer to the client's documentation or contact the service provider for assistance.

Note: At present we are unable to accept suspected False Positive sample submissions for the Click-Time URL Protection service through the Symantec Email Submission Client (SESC) or the Spam Analysis Tool in the Symantec.cloud portal.

Will I receive feedback on false positive submissions?

Symantec does not acknowledge samples submitted to the above address or provide the results of the investigation. Ensure that you are following the procedure outlined above to submit samples in a correct format. If this fails to resolve the matter, contact your administrator or Symantec support.

How can I verify that the problem has been resolved?

Re-clicking the link will result in our systems testing the end point each time. If we have changed our end processing decision you should be able to access the site without any problems.

Who needs to submit the sample?

The original recipient is the ideal person to submit the sample to the above submission address. Allowing the message to be forwarded to any other recipient prior to submitting the sample can result in vital information being stripped from the email, which would mean we could not accept it as a valid sample.

Mail client instructions for submitting valid samples

The following mail clients have been tested and confirmed to be able to submit samples in the required format. If your mail client does not appear in the list below, consult the Technical Information section of the document for email submission requirements. Also, check your email software documentation to determine whether submissions are possible using your mail client.

Microsoft Outlook 2010 and 2013

Click the More > Forward as Attachment in the Respond group on the Home tab.

Microsoft Outlook 2007

Select the sample message and press Ctrl + Alt + F;
OR
Open a new message and drag the sample message you want to forward out of the "messages" pane into the body of the new message window;
OR
Open a new message, select the “Attach Item” icon and choose 'Item' from the drop down list. Then select the sample message you wish to attach from the "Insert Item" dialog box;
OR
Always forward messages as attachments. Select Tools -> Options -> Preferences Tab -> E-Mail Options. In the ‘On replies and forwards’ section, select “Attach original message“ from the “When forwarding a message” drop down list. Click OK twice. Then select the sample message and click the forward button.

Microsoft Outlook 2003

Open a new message and drag the sample message you want to forward out of the "messages" pane into the body of the new message window;
OR
Open a new message, select the attachment icon and choose 'Item' from the drop down list. Then select the sample message you wish to attach from the "Insert Item" dialog box;
OR
Always forward messages as attachments. Select Tools -> Options -> Preferences Tab -> E-Mail Options. In the ‘On replies and forwards’ section, select “Attach original message“ from the “When forwarding a message” drop down list. Click OK twice. Then select the sample message and click the forward button.

Windows Live Mail/ Microsoft Outlook Express 6

Right-click the sample message > Forward as an attachment.

Netscape Messenger

Right-click the sample message > Forward as an attachment.

Mozilla Thunderbird

Select the sample message (message is highlighted). Click Message -> Forward As -> “Attachment". ("Message" is at the top, next to "File Edit View Go")

Mac OS X Mail

Highlight the sample message. Click Message > “Forward as Attachment” from the menu.

Lotus Notes

For information on using Lotus Notes, read How To Export Messages From IBM Lotus Notes.

--------------------------------------------------------------------------------

Technical Information

* Email attachments MUST be in "message/rfc822" attachment format. RFC 822 is a mime subtype, specified here: http://www.ietf.org/rfc/rfc2046.txt. Section 5.2 of RFC 2046 addresses the "Message Media Type", and section 5.2.1 addresses the "RFC 822 subtype". The full internet headers and body of the message should be retained exactly as the message was received and forwarded intact as an attachment.

As a general guideline, email attachments should be in the same file format that the mail client uses. For example, .msg attachments will work from Outlook providing the step-by-step instructions above are followed; .eml attachments will work from mail clients such as Windows Live Mail / Microsoft Outlook Express / Hotmail etc.

NOTE: Symantec DOES NOT see submissions as valid if email attachment are in a format other than message/rfc822. For example, submissions with .eml attachments from Outlook or submissions with .msg attachments from Outlook Express will be seen as invalid submission.

** Multiple sample emails may be attached to one submission email providing the overall size limit of 2MB per submission, including attachments, is not exceeded.

Note that any false positive or missed spam messages that you submit to Symantec Corporation may contain personally identifiable information such as email addresses and information in email message body and/or enclosures. Symantec uses this information globally only for creating spam detection rules. We encourage the submission of false positives or missed spam, because it makes our product more effective and enables us to serve you better. Access to this information is not shared with any third party and it is restricted to Symantec personnel involved in spam rule creation. For any question regarding your personal information you may read our Privacy Policy or contact us at [email protected].