When you are provisioned with the Anti-Spam service under the Email Security.cloud service, the service is not enabled by default.
When you first enable detection settings, we recommend that you choose "Tag the subject line" or "Quarantine" (if enabled) as an action for each method. With these settings, you can evaluate the mails being detected as spam and determine how these settings work for your organization's mail flow. When you are confident that the service is only detecting spam email, change the actions for certain detection settings to the best practice settings.
To change to the best-practice settings
Select Services > Email Services > Anti-Spam.
Select Global Settings or a specific domain from the domains drop-down list.
In the Detection Settings tab, we recommend modifying the relevant settings as follows:
SPF: Set to Block and delete the mail. DMARC: Set to Quarantine (if available) or Use sender's DMARC policy
Blocked senders list (IP addresses only): Set to Block and delete the mail. Blocked senders list (domains and email addresses only): Set to Block and delete the mail. Dynamic IP block list: Set to Block and delete the mail. Signaturing system: Set to Block and delete the mail. Skeptic™ heuristics: Set to Quarantine the email (if available) or Block and delete the mail. Newsletter / Marketing detection: Set to Quarantine the email (if available) or Tag the subject line but allow mail through.