Configure Spam Policy

Use the settings on the SpamLogic Settings page to determine how the Gateway controls spam at the perimeter, stopping spam before it needs to be processed by your content security policy.

The content security policy uses the Spam Detection clause in the What To Look For? section of content rules and the defined content rules can then be applied to specific policy routes in order to provide further definition. For more information on the Spam Detection clause, see What To Look For? Clauses.

For a comprehensive spam policy, use the Spam Detection clause in your content rules in conjunction with the SpamLogic defenses defined on the SpamLogic Settings page.

To ensure correct operation of your spam policy and prevent spam checks failing you must: Ensure that you have a valid HTTP connection configured To check this configuration run a connectivity check. From the System Center Home page, click Connectivity Test Ensure that you have good, unrestricted DNS performance Deal with any system alarms about reputation feeds and update services

To configure your spam policy

1. On the Policy Center Home page, click SpamLogic Settings.

   The SpamLogic Settings page is displayed.

2. Specify how the Gateway is connected to the Internet. To do this:

   1. Move the pointer over the Connection Management section, and click Click here to change these settings.
   2. Select the Connection Management type. For further information, see Connection Management.
   3. Click Save.

   If an upstream email relay exists between the Gateway and the originating SMTP host, spam defenses that require a direct connection to the internet, such as the following, cannot be used: Sender Policy Framework (SPFSender Policy Framework) Greylisting

3. Specify the details of your spam policy. To do this:

   1. Move the pointer over the Spam Policy section, and click Click here to change these settings.

   2. Specify settings for each of the following:

      • If Reputation Good
      • If Reputation Bad
      • Real-time IP Blocklist
      • Spoof Detection
      • Validate Sender Domain
      • BATV Address Validation
      • DMARC Reject
      • DMARC Quarantine
      • SPF Hard fail
      • SPF Soft fail
      • DKIM Hard Fail
      • DKIM Soft Fail
      • Greylisting
      • Confirmed Junk Email
      • Suspected Junk Email

4. Specify if you wish suspected newsletters to be reclassified as spam. To do this:

   1. Move the pointer over the Suspected newsletter reclassification section and click Click here to change these settings.
   2. Click Reclassify suspected newsletters as spam to instruct the system to regard suspected newsletters as spam.
      This feature enables organizations to customize their global response to incoming email newsletters.

5. Specify the message area in which to hold spam messages. To do this:

   1. Move the pointer over the Hold Spam in this Message Area section, and click Click here to change these settings.

   2. Select the message area in which to hold messages identified as spam.

      The default message area is 'Spam'. However, you can change this, or create a new message area if required. For example, you might want to hold spam detected at the Gateway perimeter in one message area, and spam detected by your content rules in another.

   3. Click Save.

6. Optionally, specify whether spam checks and DKIMDomainKeys Identified Mail signing should be performed on outbound messages. To do this:

   1. If spam checks are to be performed on outbound messages, select the Enable spam checks on outbound messages check box in the Perform spam checks on outbound messages section.

   2. If DKIM signing is required, select the Enable DKIM signing on outbound messages check box in the DKIM signing on outbound messages section.

      For more information on DKIM signing, see Spoof detection.

   3. If you have enabled DKIM signing on outbound messages, you can optionally choose whether to enable If the message sender is empty, sign using the key for the domain of the From address. This allows you to apply DKIM signing to messages such as out-of-office replies, which have empty message sender fields.
   4. Click Save.

7. Optionally, specify the recipients that may receive mail through the Gateway. To do this:

   1. Move the pointer over the Only accept messages for these addresses section, and click Click here to change these settings.
   2. Select the Address lists that contain the users that will be allowed to receive mail through the Gateway.
   3. Click Save.

8. Optionally, specify the senders who cannot send mail through the Gateway. To do this:

   1. Move the pointer over the Reject messages from the following section, and click Click here to change these settings.
   2. Select the Address lists that contain the users that will not be allowed to send mail through the Gateway.
   3. Click Save.
9. Apply the configuration.

See also...

• Apply the new configuration
• Address Validation