Not sure if the rest of the world likes receiving from this source. Samples are already sent to
http://www.symantec.com/business/support/index?page=content&id=TECH83081&locale=en_US
At the moment. We created a dicitonary policy for this one.
Attachment(s)
Have you activated the Newsletter and Marketing Mail policies on the Message Gateway?
These would not be considered spam, but should be detected under one of those policies.
Thanks. Will try this out.
Will these emails be eventually be marked or added to the Symantec Global lists?
They should be detected as Newsletters and the action you set for that policy will be taken.
Our appliance is version 9.0.1. It only goes as far as Suspected Spam in the policies.
The emails are quarantined on the 2nd day of attack. Unfortunately, the initial emails that went through are received by top management. So, I guess you have a general idea of how that day went.
You might want to look at upgrading to take advantage of the latest product features available(like the new verdicts previously mentioned) and there are probably some other things you can do improve effectiveness like enable Probe Participation. This KB talks about some of the options available:
http://www.symantec.com/business/support/index?page=content&id=TECH90043&actp=search&viewlocale=en_US&searchid=1323954410861
Cheers,
Kevin
Oh, yes, I apologize but I assumed you were on the latest version. You really need to get to version 9.5. Versions 8 and 9 are not able to take advantage of our latest spam detection features.