Processing suspected spam messages

book

Article ID: 181288

calendar_today

Updated On:

Products

Mail Security for Microsoft Exchange

Issue/Introduction

 

Resolution

You can configure Mail Security to reject or accept suspected spam messages. You can log all spam events to the specified logging destinations.

See About logging events

If you configure Mail Security to reject spam messages, then a spam message is not accepted by the SMTP server for delivery. The connection is closed and no error message is sent to the SMTP service that sent the message.

If you configure Mail Security to accept suspected spam messages, you can specify the following message delivery options:

To reject suspected spam messages

  1. In the console on the primary navigation bar, click Policies.

  2. In the sidebar under Antispam, click Premium AntiSpam Actions.

  3. Under Suspected Spam, from If message is Suspected Spam, select Reject the message.

  4. Check Log to log spam messages to the specified logging destinations.

    See About logging events

  5. On the toolbar, click Deploy changes to apply your changes.

    See Deploying settings and changes to a server or group

To accept suspected spam messages

  1. In the console on the primary navigation bar, click Policies.

  2. In the sidebar under Antispam, click Premium AntiSpam Actions.

  3. Under Suspected Spam, from If message is Suspected Spam, select Accept the message.

  4. Check Prevent delivery to original recipient(s) to prevent the intended recipients from receiving suspected spam messages.

  5. Check Deliver to alternate recipient to send suspected spam messages to a different recipient, and type the address to which suspected spam messages are delivered.

    You can only specify one recipient.

  6. Check Add to subject line to prepend the subject line of suspected spam messages, and in the subject line box, type your customized text.

    The default text is Spam.

  7. Check Add X-header(s) to add one or more X-headers to messages that trigger the violation, and then do any of the following:

    Add an existing X-header

    Do the following:

    • Click Add X-header.

    • In the X-header name column, use the drop-down menu to select the X-header that you want to use.

      You can modify the existing X-header by clicking on the text and typing the new content.

    • In the X-header value column, type the X-header value.

      You can type up to 127 characters. The following characters are not supported in X-header values:

      ~ |

    Create a new X-header

    Do the following:

    • Click Add X-header.

    • In the X-header box, type the name of the X-header.

      You can type up to 127 characters. The name must begin with "x-" or X-". The following characters are not supported in X-header names:

      , . ; < > : ? / = ( )[ ] @ | ;~

    • In the X-header box, type the X-header value.

      You can type up to 127 characters. The following characters are not supported in X-header values:

      ~ |

    Remove an existing X-header

    Do the following:

    • Select the X-header that you want to remove by clicking to the left of the X-header name column.

    • Click Delete X-header(s).

  8. Check Assign SCL value to message to reassign the SCL value, and in the drop-down list, select the threshold value.

    You can choose a value from 1 to 9. The default value is 6.

    See About spam confidence level values

  9. Check Log to log suspected spam messages to the specified logging destinations.

    Suspected spam messages are identified in the Windows event log as information or events.

    See About logging events

  10. On the toolbar, click Deploy changes to apply your changes.

    See Deploying settings and changes to a server or group