Cisco Cisco Email Security Appliance C160 用户指南
13-11
Cisco AsyncOS 9.0 for Email User Guide
Chapter 13 Anti-Spam
Defining Anti-Spam Policies
Configuration Examples: Actions for Positively Identified versus Suspected
Spam
Spam
The aggressive example tags only suspected spam messages, while dropping those messages that are
positively identified. Administrators and end-users can check the subject line of incoming message for
false positives, and an administrator can adjust, if necessary, the suspected spam threshold.
positively identified. Administrators and end-users can check the subject line of incoming message for
false positives, and an administrator can adjust, if necessary, the suspected spam threshold.
In the conservative example, positively identified and suspected spam is delivered with an altered
subject. Users can delete suspected and positively identified spam. This method is more conservative
than the first.
subject. Users can delete suspected and positively identified spam. This method is more conservative
than the first.
For a further discussion of aggressive and conservative policies in mail policies, see
in the Mail Policies chapter.
Unwanted Marketing Messages From Legitimate Sources
Both anti-spam scanning engines can distinguish between spam and unwanted marketing messages from
a legitimate source. Even though marketing messages are not considered spam, your organization or
end-users may not want to receive them. Like spam, you have the option to deliver, drop, quarantine, or
bounce unwanted marketing messages. You also have the option to tag unwanted marketing messages by
adding text to the message’s subject to identify it as marketing.
a legitimate source. Even though marketing messages are not considered spam, your organization or
end-users may not want to receive them. Like spam, you have the option to deliver, drop, quarantine, or
bounce unwanted marketing messages. You also have the option to tag unwanted marketing messages by
adding text to the message’s subject to identify it as marketing.
Using Custom Headers to Redirect URLs in Suspected Spam to the Cisco Web
Security Proxy: Configuration Example
Security Proxy: Configuration Example
You can rewrite URLs in suspected spam so that when a recipient clicks a link in the message, the request
is routed through the Cisco Web Security proxy service, which evaluates the safety of the site at click
time and blocks access to known malicious sites.
is routed through the Cisco Web Security proxy service, which evaluates the safety of the site at click
time and blocks access to known malicious sites.
Before You Begin
Enable the URL Filtering feature and its prerequisites. See
Procedure
Step 1
Apply a custom header to suspected spam messages:
a.
Select Mail Policies > Incoming Mail Policies.
b.
Click the link in the Anti-Spam column for a policy such as the Default policy.
Spam
Sample Actions
(Aggressive)
(Aggressive)
Sample Actions
(Conservative)
(Conservative)
Positively
Identified
Identified
Drop
•
Deliver with “
[Positive Spam]
” added
to the subject of messages, or
•
Quarantine
Suspected
Deliver with “
[Suspected Spam]
”
added to the subject of messages
Deliver with “
[Suspected Spam]
” added to
the subject of messages