3 Replies Latest reply on Nov 14, 2014 9:56 AM by eplossl

    Trying to determine my next best path to blocking spam

    Mwilliam

      I have looked at enabling the SPF, Sender ID, and the FCrDNS. I know I then have to set up the cumulative score of 20 (or whatever I would want). My options as I see it are then to allow through (monitor) or to accept and drop (block) until I see how it works. Is there any way to report on these settings to see if I am getting false positives?

        • 1. Re: Trying to determine my next best path to blocking spam
          Ryan Brady

          You could do an allow through with a secondary action of quarantine to make copies of the messages so you can review them later to see if they were false positives.  You can also have it generate audit copies of the message to send to a designated email address list, again for later hand review.

          • 2. Re: Trying to determine my next best path to blocking spam
            Mwilliam

            I don't see where I can do a secondary action under the cumulative score? how would I accomplish that?

            • 3. Re: Trying to determine my next best path to blocking spam
              eplossl

              Unfortunately, as you noted, it's not possible to do that within the context of Sender Authentication.  Sender Auth allows you to take a primary action, but it does not allow secondary actions.  As such, the only real way to consider this is to look at the number of actions sender auth takes.  Generally, SPF, Sender ID, and GTI should be reasonably good and useful.  The other features in that area are useful in their own way, but my personal preference is the three features I have already mentioned, possibly in combination with the RBL.

               

              That said, if you're experiencing excessive spam getting in, are you submitting spam to our spam team as described in KB59415?  That helps us to improve our overall spam detection, and is definitely a good next step.  Also, if you are already doing that and are still experiencing issues, I would recommend getting in touch with Support and providing some sample messages directly so that we can get them directly to the spam team for them to address.