Solved

TREND IMSS content filtering piece isnt working for keywords

Posted on 2009-04-15
4
1,470 Views
Last Modified: 2013-11-22
Even when I reduce the Body keyword expressions to a single file, with a single word in it, and test it, it doesnt catch that word, but worse, it catches other, random emails without that word in it.

Same result whether I test for keywords in subject or message body.

All the other policies for spam / phishing etc. work ok.

Keywords such as "viagra" would be nice to catch as another line of defence.

Anyone heard of this bug before?  Suggestions welcome.
0
Comment
Question by:twomey_paul
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 6

Assisted Solution

by:page1985
page1985 earned 50 total points
ID: 24148611
Odd.  Most of the necessary keywords (viagra included) should be quarantined by the spyware definitions downloaded from TrendMicro.  Are you running updates?
0
 
LVL 6

Expert Comment

by:page1985
ID: 24148622
TrendMicro recommends you configure the product to update every 15 minutes, as this is how frequently they often release new SPAM definitions.  I've found that if I don't update this frequently, more junk gets through than it otherwise would.
0
 

Author Comment

by:twomey_paul
ID: 24148976
Page1985 - The spam / phishing piece analyses certain email bits and comes up with a "rating" - I've set our detection threshold to 4.0 - anything less than this starts getting hairy on the false positives.

I don't think this would catch a message from my gmail account that simply said subject: test, data: viagra, for example - but I don't know how it calculates the score.

I'm looking to trap just a few racist / sexist / spamist / basic profanity words which don't appear to get trapped with above rule.

Updates are running every day - did have it set more often but traffic get's a little on the large side.
0
 

Accepted Solution

by:
twomey_paul earned 0 total points
ID: 24156213
I've recreated policy and this appears to work now - maybe policy was corrupt.  Anyway - will close.
0

Featured Post

2017 Webroot Threat Report

MSPs: Get the facts you need to protect your clients.
The 2017 Webroot Threat Report provides a uniquely insightful global view into the analysis and discoveries made by the Webroot® Threat Intelligence Platform to provide insights on key trends and risks as seen by our users.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

It started not too long ago. It was at first annoying. My keystrokes seemed to be randomly generated, not the ones I typed on the keyboard. For some reason this only happened in certain applications (especially browsers such as IE11, Firefox and Chr…
If you are looking at this article, you have most likely been hit by some version of ransomware and are trying to find out if there is anything you can do, or what way you should react - READ ON!
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question