Email messages have been Quarantined by Symantec Mail Security for Microsoft Exchange (SMSMSE) due to a violation with an action specified to Quarantine. When attempting to "Release by mail..." an Email message from Quarantine to a recipient the command completes successfully and the Email is no longer listed in the Quarantine console. However, the desired recipient never receives the message.
To determine if the conditions for this article are met please perform the following steps.
Open Exchange Management Shell as Administrator.
Run the command: Get-TransportAgent
If the following Exchange Antispam Agents are listed then the conditions are met.
Sender ID Agent
Sender Filter Agent
Recipient Filter Agent
Protocol Analysis Agent
Content Filter Agent
After attempting to release a message from Quarantine to a specific recipient run the following command inside the Exchange Management Shell to determine the failure.
(Note: "Start" is a date/time just prior to the release attempt.)
EventID Source Sender Recipients MessageSubject
------- ------ ------ ---------- --------------
Fail SMTP Testuser1@example.com Testuser2@example.com This item has been released from quarantine...
Releasing messages from Symantec Mail Security for Microsoft Exchange (SMSMSE) generates a new email that is sent as an Anonymous sender to the IP address listed under Monitors>Notification Settings. If the Receive Connector accepts the message the object is removed from the SMSMSE console due to the expectation that the Receive connector will deliver the message.
In this instance what is occurring is one of the listed Exchange Antispam Agents are detecting the message and taking an action after accepting the email from Symantec Mail Security for Microsoft Exchange.
To resolve the issue identify which Exchange Antispam Agent is causing the issue.
1) In the Exchange Management Shell run each of the following commands in order choosing "Y" when prompted.
Disable-TransportAgent -identity "Sender ID Agent"