This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Additional Policies

I have had to create additional keyword policies  to block SPAM and Phishing emails. Now the users are reporting that messages for email addresses and domains that they have added to their approved sender's list in the user portal are being quarantined. Is there a way to see the priority of all rules on the server and exclude them from the approved senders list? Is there a way a user can see what rule quarantined their emails and what triggered the rule(s) that quarantined their messages?



This thread was automatically locked due to age.
Parents
  • Hi Ron

    The appliance processes rules in the following order.

    Filtering options / perimeter protection
    MTA / Block lists (blacklist)
    threat protection
    datacontrol
    additional policy
    spam checking
    user controlled black/white list

    the problem you are having is that users can ONLY exclude actual spam.. so becasue you are making an admin UI rule a user can not simply over ride your rule and allow the message.  Spam checking is one of the last things that actually done before the email is deemed to be deliverable or not.  The user white list will over ride that spam rule and messagesplit a copy off for that one user.

    If you are having spam issues I suspect perhaps either the spam rules have exceptions, or worse inclusions and or other rule issues.. the other thing of note is a new feature called the delay message queue. 

    Have a walk through this KB and ensure all of the rules are as listed here and ensure delay queue is active. 

    www.sophos.com/.../120802.aspx

Reply
  • Hi Ron

    The appliance processes rules in the following order.

    Filtering options / perimeter protection
    MTA / Block lists (blacklist)
    threat protection
    datacontrol
    additional policy
    spam checking
    user controlled black/white list

    the problem you are having is that users can ONLY exclude actual spam.. so becasue you are making an admin UI rule a user can not simply over ride your rule and allow the message.  Spam checking is one of the last things that actually done before the email is deemed to be deliverable or not.  The user white list will over ride that spam rule and messagesplit a copy off for that one user.

    If you are having spam issues I suspect perhaps either the spam rules have exceptions, or worse inclusions and or other rule issues.. the other thing of note is a new feature called the delay message queue. 

    Have a walk through this KB and ensure all of the rules are as listed here and ensure delay queue is active. 

    www.sophos.com/.../120802.aspx

Children
No Data