Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
13-9
Cisco AsyncOS 8.5.5 for Email Security User Guide
Chapter 13 Anti-Spam
Defining Anti-Spam Policies
Step 6
Submit and commit your changes.
What To Do Next
If you enabled anti-spam scanning for outgoing mail, check the anti-spam settings of the relevant host
access table, especially for a private listener. See
access table, especially for a private listener. See
Related Topics
•
Understanding Positive and Suspect Spam Thresholds
When evaluating messages for spam, both anti-spam scanning solutions apply thousands of rules in order
to arrive at an overall spam score for the message. The score is then compared to the thresholds specified
in the applicable mail policy to determine whether the message is considered spam.
to arrive at an overall spam score for the message. The score is then compared to the thresholds specified
in the applicable mail policy to determine whether the message is considered spam.
For highest accuracy, the threshold for positive identification as spam is quite high by default: Messages
scoring between 90 and 100 are considered to be positively identified as spam. The default threshold for
suspected spam is 50.
scoring between 90 and 100 are considered to be positively identified as spam. The default threshold for
suspected spam is 50.
•
Messages with scores below the suspected spam threshold will be considered legitimate.
•
Messages above the suspected threshold but below the positive-identification threshold will be
considered to be suspected spam.
considered to be suspected spam.
You can configure your anti-spam solution to reflect the spam tolerance levels of your organization by
customizing the Positive and Suspected spam thresholds in each mail policy.
customizing the Positive and Suspected spam thresholds in each mail policy.
(Optional) Add Custom
Header
Header
You can add a custom header to identified messages.
Click Advanced and define header and value.
You can use a custom header in conjunction with a content filter to
perform actions such as redirecting URLs in suspected spam
messages so that they pass through the Cisco Web Security proxy
service. For information, see
perform actions such as redirecting URLs in suspected spam
messages so that they pass through the Cisco Web Security proxy
service. For information, see
(Optional) Send to an Alternate
Envelope Recipient
Envelope Recipient
You can have identified messages sent to an alternate envelope
recipient address.
recipient address.
Click Advanced and define an alternate address.
For example, you could route messages identified as spam to an
administrator’s mailbox for subsequent examination. In the case of a
multi-recipient message, only a single copy is sent to the alternate
recipient.
administrator’s mailbox for subsequent examination. In the case of a
multi-recipient message, only a single copy is sent to the alternate
recipient.
Archive Message
Y
ou can archive identified messages into the “Anti-Spam Archive”
log. The format is an mbox-format log file.
Spam Thresholds
Use the default thresholds or enter a threshold value for positively
identified spam and a value for suspected spam.
identified spam and a value for suspected spam.
Option
Description