Aggressive Profile for Anti-Spam

Efficacy Guide using Cisco Secure Email

Enable the Aggressive Scanning Profile for Anti-Spam

From the UI of your Gateway/Cloud Gateway, do the following:

  1. Security Services > IronPort Anti-Spam
  2. Click Edit Global Settings...
  3. For Scanning Profile, change from Normal to Aggressive
  4. Submit and Commit your configuration changes


What is the 'Aggressive' Scanning Profile?

The Aggressive profile allows customers who desire a stronger emphasis on blocking spam.

The Aggressive profile emphasizes machine learning-based systems that respond well to submissions.


When using the Aggressive Scanning Profile:

  • Using the Aggressive profile is a global-level setting, so ALL per-policy Anti-Spam configuration(s) will have this profile applied.
  • When enabled, tuning Anti-Spam policy thresholds will have more impact on spam detection than the Normal profile, with a more significant potential for false positives. Therefore, please reset ALL policy-level Anti-Spam spam thresholds to "Use the Default Thresholds." Do NOT use custom settings for positively identified spam or suspect spam.
  • In addition to having Anti-Spam with the Aggressive profile configured, Cisco recommends enabling Graymail for the same policy/policies. Graymail verdicts are exposed to IPAS, which have provided detection with the Aggressive profile enabled.
  • Finally, if you are using Intelligent Multi-ScanIntelligent Multi-Scan - Intelligent Multi-scan (IMS) is an add-on license that provides additional anti-spam classification capabilities by combining the results of the multiple anti-spam classifier with the Cisco IPAS classifier in the Inbound and Premium Bundles. It increases the spam catch rate at the possible expense of a greater number of false positives., do NOT select the Aggressive profile.

Guide Checklist

At this time, we have completed the following:

Once you have configured the Aggressive profile, please proceed to the next section of this document.

Did this page help you?