You want to know how to create suspected spam messages in order to test the suspected spam detection.

Symantec anti-spam products powered by Brightmail have heuristic rules to test suspected spam. 

A specific subject line is needed in a test message. The rest of the message needs to be as normal (Non-spam) as possible.

This avoids the trigger of additional heuristic rules.  For example, all headers have to be present (from, to, etc) and there must be some text in the body (other than something like @pple). 

The heuristics score does not correspond exactly with the slider score in any Symantec anti-spam products powered by Brightmail product settings.  

The equation is as follows:  (GUI suspect score / .9) = heuristics score. 

For example, set the slider to 72.
72 / .9 = 80

A message which receives a heuristics score of 80 will receive a suspect verdict only if the slider is set to 72, or below. 

Here are the Subject headers which will generate heuristics scores:

The "Subject: " line of your test message must show up exactly as listed below for these rules to function:

Generates a heuristics score of"75":
Subject: THIS is ONLY a TEST - Brightmail - Level 1 - THIS IS ONLY A TEST

Generates a heuristics score of "80":
Subject: THIS is ONLY a TEST - Brightmail - Level 2 - THIS IS ONLY A TEST

Generates a heuristics score of "85":
Subject: THIS is ONLY a TEST - Brightmail - Level 3 - THIS IS ONLY A TEST

Generates a heuristics score of "90":
Subject: THIS is ONLY a TEST - Brightmail - Level 4 - THIS IS ONLY A TEST