Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

TREND IMSS content filtering piece isnt working for keywords

Posted on 2009-04-15
4
Medium Priority
?
1,491 Views
Last Modified: 2013-11-22
Even when I reduce the Body keyword expressions to a single file, with a single word in it, and test it, it doesnt catch that word, but worse, it catches other, random emails without that word in it.

Same result whether I test for keywords in subject or message body.

All the other policies for spam / phishing etc. work ok.

Keywords such as "viagra" would be nice to catch as another line of defence.

Anyone heard of this bug before?  Suggestions welcome.
0
Comment
Question by:twomey_paul
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 6

Assisted Solution

by:page1985
page1985 earned 200 total points
ID: 24148611
Odd.  Most of the necessary keywords (viagra included) should be quarantined by the spyware definitions downloaded from TrendMicro.  Are you running updates?
0
 
LVL 6

Expert Comment

by:page1985
ID: 24148622
TrendMicro recommends you configure the product to update every 15 minutes, as this is how frequently they often release new SPAM definitions.  I've found that if I don't update this frequently, more junk gets through than it otherwise would.
0
 

Author Comment

by:twomey_paul
ID: 24148976
Page1985 - The spam / phishing piece analyses certain email bits and comes up with a "rating" - I've set our detection threshold to 4.0 - anything less than this starts getting hairy on the false positives.

I don't think this would catch a message from my gmail account that simply said subject: test, data: viagra, for example - but I don't know how it calculates the score.

I'm looking to trap just a few racist / sexist / spamist / basic profanity words which don't appear to get trapped with above rule.

Updates are running every day - did have it set more often but traffic get's a little on the large side.
0
 

Accepted Solution

by:
twomey_paul earned 0 total points
ID: 24156213
I've recreated policy and this appears to work now - maybe policy was corrupt.  Anyway - will close.
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Forget those services on TV trying to sell you software – that’s step one.  Almost all of the software you need should be available for free.  The tricky part is doing the work.  If you are not comfortable performing these steps yourself, contact a …
If you thought ransomware was bad, think again! Doxware has the potential to be even more damaging.
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question