Symantec Mail Security for Microsoft Exchange Configuration Best Practices

book

Article ID: 159263

calendar_today

Updated On:

Products

Mail Security for Microsoft Exchange

Issue/Introduction

 How should I configure Symantec Mail Security for Microsoft Exchange (SMSMSE) to block Spam and Viral content?

Cause

Initial configuration after a new installation or configuration changes based on missed spam or missed virus getting through the filter and entering the environment.

Resolution

 See attached PDF for an overview of potential configurations by category (below)

Category Descriptions  
Default Out-of the box configuration.  No AntiSpam and only basic AntiVirus
AntiSpam Basic Minimum configuration for taking action on spam messages. 1 in 1 Million false positive rate
AntiSpam Moderate Practical recommendations that will improve AntiSpam effectiveness without significantly increasing the risk of false positives. This is generally the configuration recommended by Technical Support
AntiSpam Aggressive Support does not recommend utilizing content filtering for AntiSpam as it is not only time consuming but ineffectual.  In some rare cases though, there can be specific solutions that can only be achieved with Content Filtering.  Please note that any creation, modifications, or testing of content filtering rules is outside the scope of technical support.
AntiVirus Basic Basic configuration for the AntiVirus engine
AntVirus Advanced Practical recommendations that will improve AntiVirus effectiveness without significantly increasing the risk of taking action on legitimate files. This is generally the configuration recommended by Technical Support
AntiVirus Aggressive Increases the scope of scanning and implies a more aggressive, and time-consuming approach to antivirus in the environment. Please note that Support does not assist in the creation or testing of content filtering rules.
AntiVirus Crazy Potentially over-aggressive filtering that could result in false positives if full knowledge of the items being enabled is not well known and proper due dilligance has not been executed.  Please note this configuration is likely unsafe if any modification to content filtering rules has occurred.  This configuration is also very likely to impact performance.

 

 

 

 

Attachments

SMSMSEConfigBP.xlsx get_app
SMSMSEConfigBP.pdf get_app