Spam rule E-mail and Server Security 11

Highlighted
Scholar

Spam rule E-mail and Server Security 11

Hello,

 

I tried to implement some custom rules and it doesn't seem to work maybe I'm doing something wrong.

 

Let's say:

 

I want to block the word or a word containing "gorzug" in the subject or in the body. So I put these 2 lines:

 

body GORZUG /gorzug/i
score GORZUG 5.0

 

I tried in fssc.cfg or in local.cf, restarted F-Secure Anti-Virus Server Daemon service and the result in always the same in the header of the mail:

 

X-Spam-Flag: NO
X-Spam-Status: NO, hits=0 required=5, database-version=[2015-09-07_01],
 tests=spam.BD_NON_SPAM=3,spam.[BDANTISPAM_EmlIsClean  Build: [Engines:
 2.15.6.774, Stamp: 3], Multi: [Enabled, t: (0.003878,0.003867)], BW:
 [Enabled, t: (0.000015,0.000001)], RTDA: [Enabled, t: (0.305789), Hit: No,
 Details: v2.2.14; Id: 30agsf8.19utqbfkk.606g], total: 0(675)=1

 

I searched since this early morning and I'm lost.

 

Thanks for your help,

 

Zaza.

2 REPLIES 2
Superuser

Re: Spam rule E-mail and Server Security 11

Hello,

> I tried in fssc.cfg or in local.cf

I think both the web-based local GUI and the Policy Manager Console should have fields to configure the kind of filtering your request, so the use of command line editing is not advised?

For example, in Policy Manager, Advanced View mode:

F-Secure Anti-Virus for Microsoft Exchange / Settings / Transport Protection / Inbound Mail / Content Filtering / Disallowed Keywords in Message Subject and Disallowed Keywords in Message Text.

There you will find which list the rules use and then you can edit those lists under:
F-Secure Anti-Virus for Microsoft Exchange / Settings / General / Lists and Templates / Match Lists

Furhermore, you can just submit e-mail samples to F-Secure Lab and then they can release spam detection database, so you don't need to manually tune your system:

For undetected advertisement e-mails (spam): spam-samples@f-secure.com
For false alarm complaints in spam detection: ham-samples@f-secure.com
For dangerous "phishing" variants of spam: phishing-samples@f-secure.com

Best Regards: Tamas Feher, Hungary.

Scholar

Re: Spam rule E-mail and Server Security 11

Hi,

 

Wonderful. Using your solution, I send two samples. Wait and see now.

 

Thanks a lot,

 

Zaza.