Thanks for the Tip; I modified my rules, and disabled all Spam policies except "Spam or Suspect Spam: Quarantine Message", and "Failed Bounce Attack Validation: Reject Message". Those are the only two applied to the "Default Group" (previously only the first two and "Failed Bounce Attack" where applied to a group). I also set all the "Bad Senders" rules to modify the subject line and hold in Quarantine. The odd thing is, since I made that change, the "Inbound E-Mail Message Summary" shows that zero spam has come in since I made the change, but when I go to "Message Audit Logs" and enter one of my e-mail addresses, it comes up with a bunch of messages, and the most recent four, about two hours ago, (among others) where blocked with a "Symantec Global Bad Sender" Verdict, and an action of "Modify the subject line, Hold message in Spam Quarantine" (This is what I set everything up to do). If I go to "Spam" > "Quarantine" > "E-Mail Spam", there's nothing there. Where did they go??
As a rule, I like Symantec's Corporate products, but I really don't like the Brightmail Gateway. It's counter-intuitive, and the message logs suck. Why is there a "Mandatory Filter Value" in the "Message Audit Logs"?? Why can't there be a "Show ALL" option to see logs of ALL messages that have gone through the gateway, not just to or from a specific address? You should get an "ALL" view by default, with an option to filter.