SpamLogic Settings

SpamLogic provides a global anti-spam defense. You can configure its settings to control how Secure Email Gateway handles spam at the perimeter before it needs to be processed by the Policy Engine.

On the SpamLogic Settings page, you define how the Gateway identifies spam at the perimeter, and what actions to take on messages identified as spam.

If an upstream email relay exists between the Gateway and the originating SMTP host, certain spam defenses cannot be used. By specifying how the Gateway connects to the Internet using Connection Management, you determine the spam defenses that are available to use in your policy.

In addition to the above, you can use Address Validation to specify the addresses within your organization that can receive email through the Gateway. This is an effective way of stopping spam to invalid email addresses.

Allow List enables you to define a list of SMTP hosts from which the Gateway will accept email, regardless of the outcome of TRUSTmanager, RBL, SPFClosed Sender Policy Framework, or Greylisting checks.

You can also opt to block mail from specific countries or apply a weighting to suspicious countries if you suspect that spam messages are more likely to originate from them. Refer to Geoblocking for more information about configuring these settings.

 

SpamLogic or the Detect Spam content rule - which method to use?

To detect and block spam messages, Secure Email Gateway provides two methods: SpamLogic and the Detect Spam content rule. Both methods have their advantages, and consist of various configurable parameters to suit your requirements.

SpamLogic

SpamLogic is an anti-spam defense at the perimeter, and is a global setting.

Spam messages blocked at the perimeter are rejected before they are processed by the Policy Engine. This conserves the Gateway's processing resources.

Detect Spam content rule

Alternatively, you can use the Detect Spam content rule to override the global setting.

For the Detect Spam content rule to take effect, you need to adjust its Spam Detection clause, and apply the defined content rule to an appropriate mail policy route.

Using the Detect Spam content rule enables you to apply more specific spam-catching techniques on incoming messages which trigger the rule. The Spam Detection clause in the content rule looks for spam-related indicators associated with a message. You can adjust the severity of spam detection. For example, you can monitor the created content rule and increase or decrease the severity of detection, depending on the number of undetected spam messages as well as false positive messages.

By default, detected messages by the Detect Spam content rule are held in the spam message area. If Personal Message Management (PMM) is enabled, these message can be copied to users' PMM areas to be reviewed, deleted, or released as false positives.

  If you apply the Detect Spam content rule to a mail policy route, the route always ignores the perimeter spam checks, even if the content rule does not trigger.