Error: "553-Message filtered" for legitimate email incorrectly marked as spam by Symantec email services
search cancel

Error: "553-Message filtered" for legitimate email incorrectly marked as spam by Symantec email services

book

Article ID: 173867

calendar_today

Updated On:

Products

Email Security.cloud

Issue/Introduction

Legitimate email, either outbound or inbound, is incorrectly flagged as spam (e.g. a false positive) by Symantec email services. This email may have the following error:

553 - Message Filtered

You may also experience or see the following issues:

  • Email is classified as a false positive
  • Email is blocked due to heuristics
  • Outbound mail sent to a Gmail or other account was not delivered
  • Email Track and Trace shows an action as Quarantined, Blocked, Redirected, or Subject Tagged.
  • Email Track and Trace shows email blocked by the Symantec Anti-spam service.

Resolution

Submit your email false positives for analysis, as follows:

Step 1: Retrieve an email sample

Retrieve a sample of the legitimate email flagged as spam using the "message/rfc822" email attachment format (with an .eml or .msg file extension).

If the original email is blocked or deleted, use one of the following options to obtain a copy of the original email:

  • Add the envelope sending email temporarily to your Anti-Spam Approved Senders list in the administration portal and request the external party to resend the email.

    Remember to remove the sender once the issue is addressed.

  • Request the external party to save the original email, in their Sent folder, in "message/rfc822" email attachment format.

    Zip and password protect the file and then send the password-protected file to your organization.

  • Request the external party to resend the original email, usually found in their Sent folder, to an email address at your domain that is excluded from spam scanning.

    Learn how to exclude a specific recipient email address from inbound spam scanning.

Step 2: Submit an email sample for analysis

  1. Log in to the Email Security.cloud portal.
  2. Select Tools > Email Submissions.
  3. Click Submit False Positive.
  4. Next to "Email sample", click Browse.
  5. Select the .eml or .msg sample file you retrieved earlier, and then click Check.

    The submitted sample is scanned by the Signaturing or Skeptic Heuristics scanners to determine if it is still detected as spam.

  6. After being scanned you will see one of the following messages:
    • If the sample is clean and is not detected as spam:

      This email is not classified as spam

    • If the same is not clean and is still detected as spam:

      Submit False Positive
      This email is currently classified as spam. Provide your contact information and submit the sample for investigation

  7. Fill out your name and include up to three email recipients, and then click Submit Sample.
  8. Upon submission, you will receive an email from [email protected] indicating that the sample has been submitted for analysis. This email contains a Submission ID and a Sample ID.

    To contact Support in relation to a submitted sample, you need both IDs.

  9. Once we review your submission, we will send you an email that states whether or not the detection is amended for this specific submission.

Step 3: Monitor spam false positive submissions

Learn how to monitor the status of spam false positive submissions

Alternative submission process

Use the Anti-Spam submission portal if you are unable to submit a sample or we have asked you to submit using an alternate method.

Additional Information

Disclaimer

Any false positive or missed spam messages that you submit to Broadcom may contain personally identifiable information such as email addresses and information in email message body and or enclosures. Broadcom uses this information globally only for creating spam detection rules.

We encourage the submission of false positives or missed spam because it makes our product more effective and enables us to serve you better. Access to this information is not shared with any third party, and it is restricted to Broadcom personnel that are involved in spam rule creation.

For any question regarding your personal information, see the Broadcom Privacy Policy.