Rejected Spam Messsages in SMSMSE 7.10
search cancel

Rejected Spam Messsages in SMSMSE 7.10

book

Article ID: 266065

calendar_today

Updated On:

Products

Mail Security for Microsoft Exchange

Issue/Introduction

What happens to the rejected spam messages in the Symantec Mail Security? Is it deleted or quarantined? 
Is it logged? And where is it logged?

Rejected Spam Messages: Refers to email messages that have been identified as spam and are consequently rejected or not delivered to the recipient's inbox. Many organizations use email systems or SMSMSE which offers "Symantec Premium AntiSpam" using spam filters to automatically detect and filter out unwanted or unsolicited messages, commonly known as spam.

When an email server receives an incoming message, it undergoes spam filtering processes to assess whether the content and characteristics of the email align with predefined criteria for spam. These criteria may include patterns, keywords, sender reputation, and other factors associated with spam.

If an email is flagged as spam based on these criteria, the server may take one of several actions, including:

Moving to Spam Folder, Marking as Spam and send to quarantine folder, Rejecting the Email: In some cases, the email server may outright reject the spam message, preventing it from being delivered to the recipient's inbox.

The term "Rejected Spam Messages" typically refers to those emails that have been rejected outright and not delivered. This is a proactive measure to reduce the impact of spam on users and protect email systems from unwanted and potentially harmful content.

Environment

Release : 7.10

Resolution

Have Symantec Premium Antispam enabled in SMSMSE

You need to create and enable SPAM policies that Quarantine the SPAM and suspected spam, those policies you must associate with filter policy that quarantine messages, you can create SPAM policy that quarantines inbound suspected spam messages so once Spam policies are configured the SMSMSE will route SPAM to quarantine. 


Note: There is no direct option available in SMSMSE like in Email Cloud Security Product, so you need to create a rule for doing that. 

You can configure each of the categories separately as per in the console, and you set any action you wish for each category, there might be a conflict with the actions in case you choose "Suspect SPAM and SCL" to reject but on the other category Suspect Spam to accept. For SPAM messages themselves, 

You should focus first on configuring the SPAM messages category for recognizing the SPAM: Configure Add to Subject Line and Add X-Header, then create a new rule under Content Filtering Rule to Quarantine Spam Email. Under Spam Messages, you select accept then you make the customization, once the action is done, you create another rule to send the SPAM messages to quarantine.

 

For blocked messages, there are 2 types :
 
Blocked and deleted at the SMTP stage, meaning the message will not be restored nor quarantined because it was blocked at the connection level.
 
Detected as spam, but action set to quarantine, the mail has been scanned and followed the client's action to send it to quarantine for further review and release.

The location for Quarantined items are located in C:\Program Files\Symantec\SMSMSE\7.10\Server \Quarantine  

To configure SMSMSE to send all Spam to Quarantine, you need to create a new rule under Content Filtering Rules and choose the criteria that refer to the SPAM 

Example:

In summary, you need to check the configuration of Antispam Actions and Settings where it identifies the message as Spam and then refers to it by creating a rule and then setting the action to quarantine. 

For more details, please refer to the Related Documents implementation guide. 

Powered by Wolken Software