Outbreak Protection
-
Hello,
For a few days now, I’ve noticed that some business emails received from certain partners are being flagged as spam by Outbreak Protection (Spam result: 4 - Spam(confirmed)).
I’ve had similar cases of emails being classified as spam before, but they were quite rare.
How can I find out the reason? In the log, all I see is that they were categorized as spam. The issue is that some messages from the same domains are accepted, while others are not.
So far, the only solution has been to add them to the Allow List.
At the same time, quite a few messages that are clearly spam still make it through the Outbreak Protection/Spam filter. Is there any configuration or setting I should adjust?
MDaemon 24.5.2 version
Thank you!
-
Arron Staff
Unfortunately you may not be able to find out the reason. In general, if you have messages that are incorrectly classified by Outbreak Protection, the best thing to do is forward the message as an attachment to spamfn@mdaemon.com or spamfp@mdaemon.com. Spamfn@mdaemon.com is for messages that were not classified as spam by Outbreak Protection that should have been classified as spam. Spamfp@mdaemon.com is for messages that were classified as spam by Outbreak Protection but should not have been. Messages that are received will be processed and passed on to Data443, our Outbreak Protection provider, as misclassifications.
Can you upload the MSG file for a message that was incorrectly classified as spam so I can take a look at it?
https://mdaemon.sharefile.com/r-rc3922c1eed334d4dbf5e34f0bd04ccd6
-
The messages have already been blocked, so we never received them. Therefore, I have nothing to upload to the link mentioned above.
It seems that the current anti-spam solution included in MDaemon Antivirus does not provide sufficient and reliable scanning, both for eliminating spam messages and for preventing false positives. Could there be a misconfiguration, or does this solution simply have its limitations?
Tks
-
Arron Staff
Yes, please start by changing outbreak protection to accept spam messages for filtering (Security / Outbreak Protection). Adjust the score as you see fit, but don't set it so high that all messages flagged as spam by it will be rejected because of the message score. Uncheck the box for "When blocking spam, block messages which classify as "bulk" spam", so that if/when you decide to start blocking messages again, you are not blocking messages that classify as bulk. I'd recommend checking all the boxes for the exceptions on the page, but I don't know your environment, so there may be a reason to not check some of them.
Once you receive an email that was incorrectly flagged by outbreak protection, please submit it to the addresses mentioned before. If you'd like more input on what you might be able to do to improve the configurations further, please upload the message to us and then let us know the name of the file so we can take a look. A copy of the inbound SMTP log that shows the message being received would also be helpful.