Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 4 replies
  • Subscribers 0 subscribers
  • Views 9634 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Has there been a change in spam/bulk central rules used by the SEA?

GHCFCU

Our SEA is up to date with software engine and threat definitions, as of when I checked a few minutes ago. Yet we seem to be experiencing a lot more incidents of spam and bulk messages getting through to user mailboxes over the last three weeks. From memory, I thought that about 80% of inbound messages were either Blocked, Invalid, Spam or Virus. Now 71% of mail is Other, and I am getting a lot more internal buzz about spam and bulk mail getting through. They are all being forwarded to is-spam@labs.sophos.com, but it shouldn't be the case.

Are we all just experiencing an increase in being behind the new waves of spammers, or is this something else?

:40603


This thread was automatically locked due to age.
Parents
  • 0

    Hi All,

    So a few things on this topic.

    1. There is no known widespread issue that is severely impacting our catch rate

    2. When ever we see a customer noticing a higher volume in spam, it tends to be site specific.  It may not even be a configuration change, but something else relating to your email system.  Something simple like a "contact us" email address on your site or similar that goes to a group of users.

      You should always submit missed samples, and if you do not see a change, raise a case with Support.  You do not need to email samples to support, because we can see them in our labs' systems.

      When you raise a case with Support, we will escalate to our Labs for manual analysis.

    3. When migrating from a previous solution such as postini, you have to realize that you probably had blocklists, either global or per user that may have been populated over years.  When you migrate to our solution, you need to look at whether migrating those lists are necessary as well.  We tend to recommend that you don't, as they may no longer be necessary, but setting your end users expectations that they may need to re-populate personal block/allow lists is essential.
    :40965
Reply
  • 0

    Hi All,

    So a few things on this topic.

    1. There is no known widespread issue that is severely impacting our catch rate

    2. When ever we see a customer noticing a higher volume in spam, it tends to be site specific.  It may not even be a configuration change, but something else relating to your email system.  Something simple like a "contact us" email address on your site or similar that goes to a group of users.

      You should always submit missed samples, and if you do not see a change, raise a case with Support.  You do not need to email samples to support, because we can see them in our labs' systems.

      When you raise a case with Support, we will escalate to our Labs for manual analysis.

    3. When migrating from a previous solution such as postini, you have to realize that you probably had blocklists, either global or per user that may have been populated over years.  When you migrate to our solution, you need to look at whether migrating those lists are necessary as well.  We tend to recommend that you don't, as they may no longer be necessary, but setting your end users expectations that they may need to re-populate personal block/allow lists is essential.
    :40965
Children
No Data
Unfiltered HTML