3 Replies Latest reply: Oct 15, 2013 12:20 PM by Brad McGarr RSS

    Spam test string?

    PhilM

      Is there a mechanism (aside from waiting for Spam to arrive) I can use to test SaaS Email.

       

      With other mail security products I have encountered in the past, including McAfee EMail Gateway (MEG), it is possible to send an e-mail with some kind of pre-prescribed trigger value (be it in the message body or in the form of an X-Header value, and wondered if the same same true for SaaS Email.

       

      I've configured a trial account to play with while McAfee sort out our SaaS order and I've managed to get inbound mail passing through the SaaS server (as demonstrated by evidence in the Message Audit screen), and if I can trigger some Spam events that would be great. Otherwise I'll just have to sit and wait.

       

      -Phil.

        • 1. Re: Spam test string?
          Brad McGarr

          Phil,

           

          While we do not have any content that we can provide that would trigger a spam event, you can create one specific for your account.

           

          Within the inbound policy (Email Protection > Policies> Inbound Policies> Edit an Inbound Policy), under the Spam Tab, there is a Content Group area where you can create custom content strings to trigger a 1.0 spam score with an action of your choice. This will give you a sense of what happens when a message is quarantined, or denied, depending on what action you set. Policy changes take approximately 30 minutes to fully replicate so keep that in mind.

           

          However, this will only give an idea of those actions and what they look like. It will not involve the organic scoring that is done by the product for all of the factors being scanned for.

           

          Hope this helps!

          • 2. Re: Spam test string?
            PhilM

            Thanks - That seems to do the trick.

             

            I went to the content group and created an entry with the string "one day special offer just for you" and set the action to quarantine. I then sent a message and included this string in the body of the e-mail and it was successfully quarantined.

             

            Was this the correct method for doing this?  - has it treatred my content group entry as a full string or should I enclose it in " " (the online help didn't say one way or the other).

             

            I guess I could prove this by sending a message containing only one of these words, or a subset (like "just for you") to see what happens.

             

            Also, is this being applied to just the message body, or will it trigger if I'd put this string in the the subjet line of my test message?

             

            -Phil.

            • 3. Re: Spam test string?
              Brad McGarr

              Hi Phil,

               

              Yep, you got it! It is line deliniated in the Custom Content Groups (either under Spam or Content, both work very similar, the only difference is under spam users can release the messages from quarantine, under Content an admin or quarantine manager must do that).

               

              It will look for exact strings, so for example if you include one day special offer just for you it will trigger off that and one day special offer just for you at Bob's House of Widgets, but not one day special offer at Bob's! , so it will find the keyword/phrase in whole. It's an exact match list.

               

              The filter will apply on any content, header or body, including subject line.