User Guide
CHAPTER
31-1
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
31
Spam Quarantine
• Overview of the Spam Quarantine, page 31-1
• Local Versus External Spam Quarantine, page 31-1
• Setting Up the Local Spam Quarantine, page 31-2
• Using Safelists and Blocklists to Control Email Delivery Based on Sender, page 31-7
• Configuring Spam Management Features for End Users, page 31-14
• Managing Messages in the Spam Quarantine, page 31-22
• Disk Space for the Spam Quarantine, page 31-24
• About Disabling the Spam Quarantine, page 31-24
• Troubleshooting Spam Quarantine Features, page 31-24
Overview of the Spam Quarantine
The spam quarantine (also known as ISQ, End-User Quarantine, and EUQ) provides a safeguard
mechanism for organizations that are concerned about “false positives” — that is, legitimate email
messages that the appliance has deemed to be spam. When the appliance determines that a message is
spam or suspected spam, you may want to let the recipient or an administrator review the message before
delivering or deleting it. The spam quarantine stores messages for this purpose.
Administrative users of the Email Security appliance can view all messages in a spam quarantine. End
users, usually the message recipients, can view their own quarantined messages in a slightly different
web interface.
The spam quarantine is separate from policy, virus, and outbreak quarantines.
Related Topics
• Chapter 13, “Anti-Spam”
• Chapter 30, “Policy, Virus, and Outbreak Quarantines”
Local Versus External Spam Quarantine
A local spam quarantine stores spam and suspect spam on the Email Security appliance. An external
spam quarantine can store these messages on a separate Cisco Content Security Management appliance.
Consider using an external spam quarantine if: