Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
13-30
User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 13 Anti-Spam
Testing Anti-Spam
Ways Not to Test Anti-Spam Efficacy
Because IronPort AntiSpam and Cisco Intelligent Multi-Scan rules are added quickly to prevent active
spam attacks and quickly expire once attacks have passed, you should not test efficacy using any of the
following methods:
spam attacks and quickly expire once attacks have passed, you should not test efficacy using any of the
following methods:
•
Evaluating using resent or forwarded mail or cut-and-pasted spam messages.
Mail lacking the proper headers, connecting IP, signatures, etc. will result in inaccurate scores.
•
Testing “hard spam” only.
Removing the “easy spam” using SBRS, blacklists, message filters, etc. will result in a lower overall
catch rate percentage.
catch rate percentage.
•
Resending spam caught by another anti-spam vendor.
•
Testing older messages.
The scanning engine adds and removes rules rapidly based on current threats. Testing using old
messages will therefore lead to inaccurate test results.
messages will therefore lead to inaccurate test results.
X-Advertisement: spam
spam test
.
250 Message MID accepted
221 hostname
quit