SecurityGateway uses a high performance, customized version of the popular open source SpamAssassin™ project for heuristic rules and Bayesian classification. Messages are passed to this process and assigned a score based upon their content. Alternatively, SecurityGateway also allows you to utilize your own external SpamAssassin™ daemon if you do not wish to use the one that is built-in.
Configuration
Use heuristic rules and Bayesian classification to analyze messages
By default this option is enabled, meaning that messages will be passed through the heuristic rules and Bayesian classification system and assigned a SpamAssassin score based on the results. Clear this checkbox if you wish to disable this system and make the other option on this page unavailable.
You can configure options for automatically updating your heuristic rules, and options governing Bayesian classification on the SGSpamD Configuration screen. You can reach that screen via the Click here to configure SGSpamD link under the "Use built-in local SpamAssassin engine (SGSpamD)" option below.
Add score returned by SpamAssassin to message score
By default, this option is used to add the SpamAssassin score to the message score. When using the Message Scoring options, adding the SpamAssassin score to the final message score could give you another tier of spam protection and increase the likelihood of catching spam that wouldn't score high enough to be caught by SpamAssassin alone or by the other individual anti-spam scoring options.
Reject message if SpamAssassin score greater or equal to...
Use this option to designate a rejection threshold value for the SpamAssassin score. In other words, when the SpamAssassin score for a message is greater than or equal to this value, the message will be rejected at that point during the SMTP session rather than be quarantined or continue to be processed through the remaining anti-spam and message scoring options. Consequently, if you use this option in conjunction with the "Quarantine message if SpamAssassin score greater or equal to..." option below, you should always set the rejection threshold to a value greater than the quarantine value. Otherwise, no message would ever be quarantined due to its SpamAssassin score. Any message that would have a sufficient score to be quarantined would already have been rejected instead. The default value for this rejection threshold is "12.0".
Quarantine message if SpamAssassin score greater or equal to...
Activate this option if you wish to designate a quarantine threshold for the SpamAssassin score. Any message with a score greater than or equal to this value will be quarantined. Quarantined messages can be viewed and managed by the recipient or administrator by signing in to SecurityGateway. If you are using this option in conjunction with the "Reject message if SpamAssassin score..." option above, you should always set the Quarantine message... option to a lower value than the Reject message... option. The default value for this option is "5.0".
|
You should monitor the Heuristics and Bayesian system's performance and over time refine both the rejection and quarantine thresholds to suit your need. Generally the default values, however, will catch most spam, with relatively few false negatives (spam that slips through unrecognized) and rarely any false positives (messages flagged as spam that are not). The default rejection threshold of 12 is a good starting point, since in most cases a legitimate message will not score that high. |
Exclusions
Exclude messages larger than [xx] KB
Specify a desired value here (in kilobytes) if you wish to exclude larger messages from being scanned by the Heuristics and Bayesian system. Large messages are rarely considered spam; excluding them from scanning can conserve a great deal of resources.
Exclude messages from allowlisted senders
By default SecurityGateway will exclude messages from Heuristics and Bayesian processing when they originate from an allowlisted sender. Clear this checkbox if you do not wish to exclude these messages.
Exclude messages from authenticated sessions
This option is used to exclude messages from the Heuristics and Bayesian system when the SMTP session on which they are arriving is authenticated. This option is enabled by default.
Exclude messages from domain mail servers
Messages coming from your domain mail servers are excluded from Heuristics and Bayesian processing by default. Uncheck this option if you do not wish to exempt messages coming from those servers.
Location (All Domains)
Use built-in local SpamAssassin engine (SGSpamD)
Choose this option if you wish to use SecurityGateway's built-in SpamAssassin engine, which runs as a separate daemon — the SecurityGateway Spam Daemon (SGSpamD). To configure SGSpamD, click the Click here to configure SGSpamD link. If you wish to use a different SpamAssassin engine running at a remote location, then choose the "Use a remote SpamAssassin..." option below.
Use a remote SpamAssassin daemon (SpamD)
Choose this option if you wish to scan messages using a SpamAssassin daemon located at a remote location rather than use the built-in SGSpamD.
Host Address:
Specify the IP address of the remote SpamD here.
Port:
Use this option to designate the port on which your remote SpamD is running.
Test
Click this button to test the connection to the remote SpamD.
Exceptions - Domains
If you select a specific domain in the "For Domain:" drop-down list box at the top of the page when configuring these settings, that domain will be listed here after saving the settings. Click the View/Edit link for the corresponding domain to review or edit its Heuristics and Bayesian settings, or click Reset to reset the domain's settings to the default Global values.
