Table: Configure spam and unwanted email detection
Create and enable email spam and unwanted email policies.
Symantec Messaging Gateway installs with a set of default spam and unwanted email policies. For a new installation or upgrade, the default spam policies are automatically enabled and assigned to the default policy group. For a new install, the preconfigured unwanted email policies are enabled but not assigned to any group. If you upgrade from a previous release, the preconfigured unwanted email policies are disabled and not assigned to any group. You can modify these policies or create your own custom policies.
When Symantec Messaging Gateway evaluates whether messages are spam, it calculates a spam score from 1 to 100 for each message. This score is based on the results of a wide variety of antispam technologies.
You can define a range of scores from 25 to 89 that constitutes "suspected spam." Through policies, you can specify different actions for the messages that are identified as suspected spam and messages that are identified as spam.
Symantec recommends that you not adjust the spam threshold until you have some exposure into the filtering patterns at your site. Gradually move the threshold setting down 1 point to 5 points per week until the number of false positives is at an acceptable level.
Enable the features that provide Symantec with information that helps us create better spam filters.
You can help Symantec create better spam filters when you enable the following features:
Uniform Resource Identifiers (URI) reporting
When you enable URI reporting, Symantec Messaging Gateway sends a report to Symantec Security Response. The report contains URIs that appear in the messages that Symantec Messaging Gateway scans for spam. Symantec uses this information to develop new URI-based filters.
You can forward unused email addresses or invalid email addresses to the Symantec Probe Network. Symantec uses these email addresses to attract spammers. Then Symantec uses the spam messages it receives at these addresses to create better spam filters.
You can route spam, suspected spam, or unwanted emails to Spam Quarantine. Users access Spam Quarantine to determine if messages in the quarantine are false positives. If a message is stored in the spam quarantine, but is legitimate, users can release the messages to their inboxes. Users can notify you of false positives so that you can continue to adjust your spam settings and spam and unwanted email policies accordingly. You can also set up summary notifications to be delivered to users' inboxes.
Monitor reports to determine how effective spam policies are. Reports also indicate the volume of spam that your organization receives. This information can help you fine-tune your spam detection settings.
Symantec Messaging Gateway can scan email attachments with the following extensions for spam:
By default, this option is enabled for a new installation and disabled for upgrades. Enabling this option may result in slower performance of Symantec Messaging Gateway. When this option is disabled, Symantec Messaging Gateway does not use all scanning technologies for evaluating the attachments for spam.