How the Message Audit Log helps to fine-tune and troubleshoot content filtering policies
Symantec Messaging Gateway enables you to create content filtering policies to monitor the content of inbound and outbound email messages.
You can also create content filtering polices to do the following:
Comply with government-mandated regulations.
Block or hold messages for review based on internal policies.
Deploy more aggressive rules for blocking certain types of message content.
When users identify missing email or complain about unwanted email reaching their inbox, a number of policies may be involved. It may not be immediately clear how to adjust the appropriate policy to correct the problem. To troubleshoot these issues, you can view the Message audit log.
The Message audit log identifies the text that violated the policy and the part of the message that contained the violation.
For example, configure a content filtering policy to use a regular expression for content matching. You can set the action for the policy to delete the message. You begin receiving complaints about missing email messages. You can troubleshoot the issue by viewing the messages in the Message audit log to see the content that violated the policy. Based on your findings, you can fine-tune your policy as needed.