Manualshelf

User Guide

ManualsBrandsCisco Manualsantivirus security softwareCisco Email Security Appliance C680
331332333334335336337338339340
CHAPTER
13-1
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
13
Anti-Spam
Overview of Anti-Spam Scanning, page 13-1
How to Configure the Appliance to Scan Messages for Spam, page 13-2
IronPort Anti-Spam Filtering, page 13-3
Cisco Intelligent Multi-Scan Filtering, page 13-6
Defining Anti-Spam Policies, page 13-7
Protecting Appliance-Generated Messages From the Spam Filter, page 13-14
Headers Added During Anti-Spam Scanning, page 13-14
Reporting Incorrectly Classified Messages to Cisco Systems, page 13-15
Determining Sender IP Address In Deployments with Incoming Relays, page 13-15
Monitoring Rules Updates, page 13-23
Testing Anti-Spam, page 13-24
Overview of Anti-Spam Scanning
Anti-spam processes scan email for incoming (and outgoing) mail based on the mail policies that you
configure.
One or more scanning engines scan messages through their filtering modules.
Scanning engines assign a score to each message. The higher the score, the greater the likelihood
that the message is spam.
Based on the score, each message is categorized as one of the following:
Not spam
Unwanted marketing email from a legitimate source
Suspected spam
Positively-identified spam
An action is taken based on the result.
Actions taken on messages positively identified as spam, suspected to be spam, or identified as
unwanted marketing messages are not mutually exclusive; you can combine some or all of them
differently within different incoming or outgoing policies for different processing needs for groups