In the AntiSpam service, you must set the detection methods and the actions you want to take on suspected spam emails. We recommend that you change the default actions when you are sure that the AntiSpam service detects spam correctly.
You change your detection settings at: Services > Email Services > Anti-Spam > Detection Settings
You apply one of the following actions to any detected spam:
Append a header but allow the email through.
Append a header and redirect the email to a bulk mail address.
Tag the subject line but allow the email through.
Quarantine the email.
Block and delete the email.
You can change the way the AntiSpam service detects spam emails for:
An email domain you have provisioned with cloud security services.
A group of users within an email domain.
To ensure items such as newsletters pass through spam detection, you designate approved and excluded senders lists.
The cloud security service detects spam in five ways:
Use SPF (Sender Policy Framework) to detect sender spoofing, which leads to reduced phishing attempts where domain spoofing is commonplace.
Match the emails against IP addresses, domains, and email addresses on a blocked senders list.
Match the IP address of the sending server against a publicly-distributed list of spam sources (public block list).
Match the signature of the email body against a list of known spam signatures.
Run the email through our Skeptic™ heuristics to assess whether the email is spam.