Internal mail servers: non-gateway deployments
When deployed at the gateway, Symantec Messaging Gateway obtains the physical or peer IP connection for an incoming message and compares it to entries in the good sender and bad sender groups. If a Scanner is deployed elsewhere in your network, for example, downstream from a gateway MTA that is not identified as an internal mail host, Symantec Messaging Gateway may identify the IP address of your gateway server as a source of spam. You should accurately identify all internal mail hosts that are, with respect to inbound mail flow, upstream from your Symantec Messaging Gateway appliance.
In addition to internal mail hosts you can add, Symantec Messaging Gateway includes a series of IP address ranges in the internal hosts list as follows:
- 0.0.0.0/255.0.0.0
- 10.0.0.0/255.0.0.0
- 127.0.0.0/255.0.0.0
- 169.254.0.0/255.255.0.0
- 172.16.0.0/255.240.0.0
- 192.168.0.0/255.255.0.0
- ::/128
- ::1/128
- fe80 ::/10
- fc00::/7
Symantec Messaging Gateway will exclude the IP addresses of internal mail hosts from the following verdicts:
- Local Good Sender IPs
- Third Party Good Senders
- Local Bad Sender IPs
- Third Party Bad Senders
- Directory Harvest Attacks
- Symantec Global Bad Senders
- Symantec Global Good Senders
- Connection Classification
- Email Virus Attacks
- Fastpass