To configure the Anti-Spam and Anti-Phishing scanning settings:
Perform the following steps in the Management Console tree:
To configure the Anti-Spam and Anti-Phishing scanning settings for an unassigned Security Server, maximize the node of the relevant Security Server.
To configure the Anti-Spam and Anti-Phishing scanning settings for Security Servers belonging to a profile, maximize the Profiles node and inside it maximize the node of the profile for whose Security Servers you want to configure the Anti-Spam and Anti-Phishing scanning settings.
Select the Server protection node.
In the workspace, on the Protection for the Transport Hub role tab, expand the Anti-Spam scan settings configuration section.
Select the Enable anti-spam scanning of messages check box if you want the application to scan messages for spam using the Anti-Spam module.
In the Spam processing settings section, in the Action dropdown list, select the action that the application will perform on messages with each of the statuses listed (Spam, Probable spam, Formal notification, Address blacklisted, Mass mail):
Allow. The message is delivered to recipients unchanged.
Reject. An error message is returned to the sending server (error code 500), and the message is not delivered to the recipient.
Delete. The sending server receives a notification that the message has been sent (code 250), but the message is not delivered to the recipient.
If your organization has several Microsoft Exchange servers through which messages are transmitted, Microsoft Exchange processes spam messages as follows: if a spam message was not deleted on the first server but it was deleted on a subsequent server, the spam message is stored in the shadow redundancy queue of the first server for the time period specified in the Microsoft Exchange settings. This method of message processing in Microsoft Exchange leads to a longer shadow redundancy queue on the first server.
In the Spam processing settings section, specify the additional actions that the application must take on messages with each of the statuses listed. Select check boxes opposite the relevant parameters:
Add SCL value. The application will add a Spam Confidence Level score to the message (SCL score). The SCL score is a number ranging from 1 to 9. A high SCL score means a high probability that the message is spam. The SCL rating of messages is taken into account during subsequent processing of messages by the Microsoft Exchange infrastructure.
Save copy. A copy of the message can be saved in Backup.
Add label to message subject. Messages that have been assigned the Spam, Probable spam, Formal notification, Address blacklisted, and Mass mail statuses are marked with special tags in the message subject: [!!Spam], [!!Probable Spam], [!!Formal], [!!Blacklisted], and [!!Mass Mail], respectively. If necessary, edit the text of these tags in the entry fields corresponding to the statuses.
When adding a tag to the subject of the message (if the character encoding is explicitly specified), non-Unicode characters of the tag are not readable after processing. For the tag to be read correctly, you need to replace non-Unicode characters with Unicode characters.
Select the Enable anti-phishing scanning of messages check box if you want the application to scan messages for phishing links.
Select the Process B2B offers as mass mails check box if you want the application to classify B2B mail as mass mail.
In the Spam processing settings section, under the Enable anti-phishing scanning of messages check box in the Action dropdown list, select the action that the application will perform on messages with the Phishing status:
Allow. The message is delivered to recipients unchanged.
Reject. An error message is returned to the sending server (error code 500), and the message is not delivered to the recipient.
Delete. The sending server receives a notification that the message has been sent (code 250), but the message is not delivered to the recipient.
In the Spam processing settings section, under the Enable anti-phishing scanning of messages check box, specify the additional actions that the application must take on messages with the Phishing status. Select check boxes opposite the relevant parameters:
Add SCL and PCL rating. The application assigns messages a spam confidence level (SCL) rate of 9 and a phishing confidence level (PCL) rate to 8. On arriving in the Microsoft Exchange mail infrastructure, messages with a high PCL rating (more than 3) are automatically directed to the Junk E-Mail folders, and all URLs contained in them are deactivated.
Save copy. A copy of the message can be saved in Backup.
Add label to message subject. Messages with the Phishing status are marked with a special tag in the message subject: [!!Phishing]. If necessary, edit the text of this tag in the entry field on the right.
When adding a tag to the subject of the message (if the character encoding is explicitly specified), non-Unicode characters of the tag are not readable after processing. For the tag to be read correctly, you need to replace non-Unicode characters with Unicode characters.
To enable the use of Kaspersky Security Network (KSN) services during anti-spam and anti-phishing scans:
Select the Use Kaspersky Security Network check box.
If necessary, specify the timeout for requests to a KSN server in the Maximum waiting time when requesting KSN field.
The default value is 5 sec.
The Use Kaspersky Security Network check box is available if the I accept the KSN Statement option is selected in the KSN Settings section in the Settings node. Use Kaspersky Security Network or the Use Kaspersky Private Security Network (KPSN) option. All settings of the Kaspersky Security Network service are applied to the Kaspersky Private Security Network service.
To enable the use of the Reputation Filtering service, select the Use Reputation Filtering check box. The Reputation Filtering check box is available if the Use Kaspersky Security Network check box is selected.
To disable Enforced Anti-Spam Updates Service, select the Use Enforced Anti-Spam Updates Service check box.
If your organization uses a proxy server for Internet access, you can configure the application connection to Kaspersky Security Network and Enforced Anti-Spam Updates Service through a proxy server.
Select the Scan outgoing messages and delete spam messages or messages containing phishing links check box in the Outgoing message processing settings section if you want to enable scanning of outgoing messages for spam and phishing.