Aggressive Profile for Anti-Spam

Efficacy Guide using Cisco Secure Email

Enable the Aggressive Scanning Profile for Anti-Spam

From the UI of your Gateway/Cloud Gateway, do the following:

  1. Security Services > IronPort Anti-Spam
  2. Click Edit Global Settings...
  3. For Scanning Profile, change from Normal to Aggressive
  4. Submit and Commit your configuration changes

📘

What is the 'Aggressive' Scanning Profile?

The Aggressive profile allows for customers who desire a stronger emphasis on blocking spam.

The Aggressive profile emphasizes machine learning-based systems that respond well to submissions.

🚧

When using the Aggressive Scanning Profile:

  • Using the Aggressive profile is a global-level setting, so ALL per-policy Anti-Spam configuration(s) will have this profile applied.
  • When enabled, tuning Anti-Spam policy thresholds will have more impact on spam detection than the Normal profile, with a more significant potential for false positives. Please reset ALL policy-level Anti-Spam spam thresholds to "Use the Default Thresholds." Do NOT use custom settings for positively identified spam or suspect spam.
  • In addition to having Anti-Spam with the Aggressive profile configured, Cisco recommends enabling Graymail for the same policy/policies. Graymail verdicts are exposed to IPAS, which have provided detection with the Aggressive profile enabled.
  • Finally, if you are using Intelligent Multi-ScanIntelligent Multi-Scan - Intelligent Multi-scan (IMS) is an add-on license that provides additional anti-spam classification capabilities by combining the results of the multiple anti-spam classifier with the Cisco IPAS classifier in the Inbound and Premium Bundles. It increases the spam catch rate at the possible expense of a greater number of false positives., do NOT select the Aggressive profile.

Guide Checklist

At this time, we have completed the following:

Once you have configured the Aggressive profile, please proceed to the next section of this document.


Did this page help you?