Configure Dual Delivery: Symantec MessageLabs

This topic describes how to configure dual delivery for Symantec MessageLabs environments.

NOTE: Please note that you will not be able to obtain accurate envelope recipient information, as there is no way to retain the original envelope recipient within the MessageLabs environment. While this may be acceptable for a proof of concept of Cloud Email Protection, you should journal from the downstream O365 or Exchange environment for a production deployment.

The general procedure is as follows:

Step 1: Create A and MX records for each on-premises sensor. (Note: This step is not needed if the sensor is hosted.)

Step 2: Create a data protection policy to copy all inbound messages to the sensors.

Step 1: Create A and MX Records for Each Sensor

This first step is only necessary for on-premises sensors. In your DNS, create A records for each of your sensors. Note that your sensors will need public route-able static IP addresses, and they must be reachable on TCP port 25.

Next, for each sensor create an MX record for
dual-delivery.YOURDOMAIN.COM, with a priority of "10" and the A record of one of your sensors. The TTL is not particularly important; any value between 3600 and 86400 is acceptable. Repeat for each sensor. The specifics of how to do this will depend on your DNS provider.

Step 2: Create a Data Protection Policy to copy all Inbound Messages

  1. Log into the Symantec Message Labs Management Dashboard and go to Data Protection under the Services tab:
  2. Symantec Message Labs Management Dashboard.
  3. Name the policy Dual-Delivery.
  4. Enter a Description, such as Send a copy of all inbound email for metadata analysis.
  5. Configure the remaining settings as follows:
    • Apply to: Inbound email only
    • Execute if: ALL rules are met
    • Action: Copy to Administrator
    • Leave the Stop evaluation of lower priority policies check box unselected
    • Administrator email: Enter any address that will be delivered to your sensors. For a hosted sensor, this address will be something like the following:

    sensor@SHORTNAME.hosted.agari.com

    • For an on-premises sensor, this address will be something like the following:

    sensor@SUBDOMAIN.COMPANY.COM

    • Leave the Use custom check box selected
    • Make sure that Rule 1 has the Match all chuck box selected
  6. Click Save.

NOTE: You should adjust your newly-created data protection policy to be the last policy that applies to inbound email. You'll do this on the Data Protection policy list page.