There are various categories of False Positives that may be generated, eg. Jokes, Celebrations, Festive wishes, Business process requirements etc. The most important aspect is to categorize prioritize these mails on the basis of their occurrence / volume.
There are various different parameters that may be present within a specific Target area, ie. Email addresses, Keywords etc. Below is an outline of what may be done for each of these parameters:
Default policies like Competitor Communications etc, are likely to generate a significant amount of False Positives. The best approach to Fine tune these policies is to adapt the below approach:
Keywords are the most important aspect that may be considered for exclusions / inclusions in a policy.
Once a Target area has been isolated, perform an analysis of the False Positives and False Negatives. Identify keywords that are common amongst these Incidents, and categorize them in the following manner:
These keywords will be helpful for creating Match based Rules (with False Negative keywords) or Exceptions (with False Positive keywords)