McAfee Security for Microsoft Exchange 8.6.0

Configure anti-spam settings

Configure settings in a policy to detect spam email messages and take necessary actions.

Task
1 From Policy Manager, select the submenu item Gateway that has the Anti-Spam scanner.
The policy page for the submenu item appears.
2 Click Master policy or any subpolicy you want to configure, then click List All Scanners tab.
3 Click Anti-Spam.
4 In Activation, select Enable to activate the anti-spam scanner settings for the selected submenu item.
If you are configuring settings for a subpolicy, select Use configuration from parent policy to inherit settings from the parent policy.
If you add a new scanner to the policy, you can specify a time slot when to enable the scanner, using What time would you like this to apply drop-down list.
5 In the Options drop-down list, select an existing scanner setting or <create new set of options>.
The Anti-Spam Settings page appears.
6 In Instance name, type a unique name for the anti-spam scanner setting instance. This field is mandatory.
7 In Options tab, under Scoring, type the values for:
High score threshold — If the overall spam score is 15 or more.
Medium score threshold — If the overall spam score is from 10 to 15.
Low score threshold — If the overall spam score is from 5 to 10.
To use the default values of spam scores, select the Use default option. These default settings have been carefully optimized to maintain the balance between a high spam detection rate and a low false positive rate. In the unlikely event that you need to change these settings, a technical notice is available from Technical Support.
8 In Reporting, under the Spam reporting threshold is drop-down list, select High, Medium, Low, or Custom to specify the point at which an email message should be marked as spam.
9 In Custom score, type a specific spam score at which email messages should be marked as spam. This field is enabled only if you select Custom from Spam reporting threshold is drop-down list.
10 Select or deselect Add prefix to subject of spam messages as required.
11 From the Add a spam score indicator drop-down list, select:
Never - To have the Internet header of an email message without the spam score indicator. To non-spam messages only — To add a spam score indicator to the Internet header of non-spam email messages only.
To spam messages only — To add a spam score indicator to the Internet header of spam email messages only. To all messages — To add a spam score indicator to the Internet header of all email messages.
Spam score indicator is a symbol used in the spam report that is added to the email message's Internet headers to indicate the amount of potential spam contained in an email.
12 From the Attach a spam report drop-down list, select:
Never - To display an email message without the spam score indicator. To non-spam messages only — To add a spam report to non-spam email messages only.
To spam messages only — To add a spam report to spam email messages only. To all messages — To add a spam report to all email messages.
13 Select or deselect Verbose reporting to specify whether verbose reporting is required or not. Verbose reporting includes the names and descriptions of the anti-spam rules that have been triggered.
Selecting Never for Attach a spam report disables Verbose reporting.
14 On the Advanced tab, use:
Maximum message size to scan (KB) — To specify the maximum size of an email message (in kilobytes) that can be scanned. You can type a size up to 999,999,999 kilobytes, although typical spam email messages are small. Default value is 250 KB. Header value — To specify a different value for the email header.
Maximum width of spam headers (Bytes) — To specify the maximum size (in bytes) that the spam email message header can be. The minimum header width that you can specify is 40 characters and the maximum is 999 characters. Default value is 76.
Spammers often add extra information to headers for their own purposes.
Add header — To specify that the header should be added to none of the email messages, all email messages, only spam email messages or only to non-spam email messages.
Maximum number of reported rules — To specify the maximum number of anti-spam rules that can be included in a spam report. The minimum number of rules you can specify is 1 and the maximum is 999. Default value is 180. Select or deselect the Use alternative header names when a mail is not spam option as required.
Header name — To specify a different name for the email header. You can use this email header and its header value (below) when tracking email messages and applying rules to those messages. These fields are optional, and accept up to 40 characters.
15 In Mail Lists tab, under Blacklisted senders, Whitelisted senders, Blacklisted recipients and Whitelisted recipients, type the email addresses of the blacklisted and whitelisted senders and recipients.
Email messages sent to or from an email address on a blacklist are treated as spam, even if they do not contain spam-like characteristics. Email messages sent to or from email addresses on a whitelist are not treated as spam, even if they contain spam-like characteristics.

Click Add to add email addresses to a list and the checkbox beside each address to specify whether it is enabled or not. Click Delete All to remove an email address from the list. You cannot add the same email address more than once. You can use wildcard characters to match multiple addresses.

16 In Rules tab, enter the rule name and select Enable rule to activate it. Click Add to display a list of available rules.
Click Reset to return to the default anti-spam settings.
17 In the list, against each rule, click Edit to modify the rule.
18 Click Delete to remove the rule.
19 Click Save to return to the policy page.
20 In Actions to take if spam is detected, click Edit. In the following tabs, specify the anti-spam scanner actions that must be taken if a spam is detected:
High Score
Medium Score
Low Score
21 Click Save to apply the settings and return to the policy settings page.
22 Click Apply to configure these settings to a policy.