Cisco Cisco Email Security Appliance X1070 Guia Do Utilizador
8-9
Cisco IronPort AsyncOS 7.5 for Email Configuration Guide
OL-25136-01
Chapter 8 Anti-Spam
Note
Because the regional rules profile optimizes the anti-spam engine for a
particular region, it can reduce capture rates for other types of spam.
Therefore, Cisco recommends you enable this feature only if you receive
the bulk of your email from the specified region.
particular region, it can reduce capture rates for other types of spam.
Therefore, Cisco recommends you enable this feature only if you receive
the bulk of your email from the specified region.
IronPort Anti-Spam leverages globally representative email and web
content-agnostic data contributed by over 125,000 ISPs, universities and
corporations throughout the Americas, Europe, and Asia. The Threat Operations
Center is set up for global operations with centers in Sao Paulo, Beijing and
London. In addition, analysts speak 32 languages including Chinese, Japanese,
Korean, Portuguese, and Spanish.
content-agnostic data contributed by over 125,000 ISPs, universities and
corporations throughout the Americas, Europe, and Asia. The Threat Operations
Center is set up for global operations with centers in Sao Paulo, Beijing and
London. In addition, analysts speak 32 languages including Chinese, Japanese,
Korean, Portuguese, and Spanish.
Enabling IronPort Anti-Spam and Configuring Global Settings
Overview
You enable IronPort Anti-Spam and modify its global configuration settings using
the Security Services > IronPort Anti-Spam and Security Services > Service
Updates pages (GUI) or the
the Security Services > IronPort Anti-Spam and Security Services > Service
Updates pages (GUI) or the
antispamconfig
and
updateconfig
commands (CLI).
The following global settings are configured:
•
Enable IronPort Anti-Spam globally for the appliance.
•
Configure the thresholds for message scanning by IronPort Anti-Spam.
To optimize the throughput of your appliance while still being able to scan
the increasing larger messages sent by spammers, you can define an always
scan message size, where messages smaller than the defined size are
completely scanned by CASE, delivering Cisco IronPort’s industry-leading
level of efficacy, and a never scan message size, where messages larger than
the defined size are not scanned by CASE. For messages larger than the
always scan size and smaller than the never scan size, CASE performs a
limited and faster scan.
the increasing larger messages sent by spammers, you can define an always
scan message size, where messages smaller than the defined size are
completely scanned by CASE, delivering Cisco IronPort’s industry-leading
level of efficacy, and a never scan message size, where messages larger than
the defined size are not scanned by CASE. For messages larger than the
always scan size and smaller than the never scan size, CASE performs a
limited and faster scan.
Note
If the Outbreak Filters maximum message size is greater than
IronPort Anti-Spam’s always scan message, CASE fully scans
messages smaller than the Outbreak Filters maximum size.
IronPort Anti-Spam’s always scan message, CASE fully scans
messages smaller than the Outbreak Filters maximum size.