In the AntiSpam service section of the Symantec.Cloud portal, you must set the detection methods and the actions you want to be applied to suspected spam emails. We recommend that you change the default actions when you are sure that the AntiSpam service detects spam correctly.
You can change your detection settings by navigating to: Services > Email Services > Anti-Spam > Detection Settings
You can apply one of the following actions to any emails that the service detects as spam:
Append a header but allow the email through.
Append a header and redirect the email to a bulk mail address.
Tag the subject line but allow the email through.
Quarantine the email.
Block and delete the email.
You can change the way the AntiSpam service detects spam emails for:
An email domain you have provisioned with cloud security services.
A group of users within an email domain.
To ensure items such as newsletters pass through spam detection, you designate approved and excluded senders lists.
The cloud security service detects spam in five ways:
Uses SPF (Sender Policy Framework) to detect sender spoofing, which leads to reduced phishing attempts where domain spoofing is commonplace.
Matches the emails against IP addresses, domains, and email addresses on a blocked senders list.
Matches the IP address of the sending server against a publicly-distributed list of spam sources (public block list).
Matches the signature of the email body against a list of known spam signatures.
Runs the email through our Skeptic™ heuristics engine to assess whether the email has a spam verdict.