Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
13-11
User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 13 Anti-Spam
Defining Anti-Spam Policies
Configuration Examples: Actions for Positively Identified versus Suspected
Spam
Spam
The aggressive example tags only suspected spam messages, while dropping those messages that are
positively identified. Administrators and end-users can check the subject line of incoming message for
false positives, and an administrator can adjust, if necessary, the suspected spam threshold.
positively identified. Administrators and end-users can check the subject line of incoming message for
false positives, and an administrator can adjust, if necessary, the suspected spam threshold.
In the conservative example, positively identified and suspected spam is delivered with an altered
subject. Users can delete suspected and positively identified spam. This method is more conservative
than the first.
subject. Users can delete suspected and positively identified spam. This method is more conservative
than the first.
For a further discussion of aggressive and conservative policies in mail policies, see
in the Mail Policies chapter.
Unwanted Marketing Messages From Legitimate Sources
If you had configured Marketing Email Settings under anti-spam settings for a mail policy, after
upgrading to AsyncOS 9.5 for Email, Marketing Email Settings under anti-spam settings will be moved
under graymail settings of the same policy. See
upgrading to AsyncOS 9.5 for Email, Marketing Email Settings under anti-spam settings will be moved
under graymail settings of the same policy. See
Using Custom Headers to Redirect URLs in Suspected Spam to the Cisco Web
Security Proxy: Configuration Example
Security Proxy: Configuration Example
You can rewrite URLs in suspected spam so that when a recipient clicks a link in the message, the request
is routed through the Cisco Web Security proxy service, which evaluates the safety of the site at click
time and blocks access to known malicious sites.
is routed through the Cisco Web Security proxy service, which evaluates the safety of the site at click
time and blocks access to known malicious sites.
Before You Begin
Enable the URL Filtering feature and its prerequisites. See
Procedure
Step 1
Apply a custom header to suspected spam messages:
a.
Select Mail Policies > Incoming Mail Policies.
b.
Click the link in the Anti-Spam column for a policy such as the Default policy.
c.
In the Suspected Spam Settings section, enable suspected spam scanning.
Spam
Sample Actions
(Aggressive)
(Aggressive)
Sample Actions
(Conservative)
(Conservative)
Positively
Identified
Identified
Drop
•
Deliver with “
[Positive Spam]
” added
to the subject of messages, or
•
Quarantine
Suspected
Deliver with “
[Suspected Spam]
”
added to the subject of messages
Deliver with “
[Suspected Spam]
” added to
the subject of messages