This article introduces the Spam Score and Spam Detection feature. This functionality allows you to drill into why an inbound message has been held and accumulated a high spam score. With the ability to review a message's held reason and spam score, the feature provides a high-level overview of:
-
-
- Why an email was held by the Spam Scanning Policy.
- Why a policy enacted the way it did and how to be proactive in your approach to the message.
-
Using the Spam Score
To use the spam score:
- Log on to the Mimecast Administration Console
- Navigate to Message Center | Message Tracking.
- Search for a message using either Search by Data or Search by ID.
- Optionally filter the messages you would like to appear by clicking on the
icon to configure specific headings.
- Click on a message to display the Message Details side panel.
- Hover over the
icon to display the following information:
-
-
- Spam Score: Each message is assessed and given a score. The higher the score, the more Spam characteristics an email has. For further assistance, visit the Configuring Spam Scanning Definitions and Policies page.
- Spam Detection Level: This determines what action should be taken when the Spam Score exceeds a certain threshold. For further assistance, visit the Configuring Spam Scanning Definitions and Policies page.
-
Spam Score
For details on what the Spam Score is, see the Spam Score page.
Additional Sections in Message Details
Three tabs are available under the Spam Score heading to provide a better understanding of why a message has been held and accumulated a high spam score:
- Held Reason: Messages can be in the Held Queue for a specific reason (e.g., Suspicious Message Structure or a Spam Scanning definition). In this case, the Spam Scanning definition is displayed under this heading.
-
Spam Score: Each message is assessed and given a score. The higher the score, the more spam characteristics it has. A message with a spam score of 28 or higher is automatically rejected in protocol and logged in the Rejection Viewer. This is regardless of what the Spam Scanning action is set to. If there are no Spam Scanning policies that apply to a message, the Spam Detection Level displays No Policy.
If a sender is Permitted, Spam scanning is not applied, and messages with a Spam Score of 28 or higher will be accepted.
- Spam Detection Level: This determines what action is taken when the spam score exceeds a certain threshold (e.g., Relaxed, Moderate, or Aggressive).
The Analysis Tab
The Message Insight - Analysis Tab in message details displays the processing steps and provides the results of how a message has been assessed at each stage. This information is organized into a list of checks, the output of which can trigger a defined policy action. For example, enabling graymail control and setting the graymail detection action to Same as Spam Detection. This allows you to see that a message was classified as graymail and moved to the held queue as per the spam policy. This information provides an understanding as to why a certain policy was flagged, especially when used in combination with policies considered.
If there is a "-" sign next to a policy type, it has not been enabled and therefore cannot perform any check against the message. Only Inbound email scanning information is displayed, and so Internal to External Processing Details and Scan information are not displayed.
Comments
Please sign in to leave a comment.