Due to our configuration, we have SBG at three locations and therefor three Control Centers. I'm thinking about implementing per-user Suspect Spam quarantine but don't want users to get a digest from each of the SBG Control Centers. I'm thinking about.
1. Setting up a VM Control Center (or choose one of the existing CCs which are not in the DMZ) as the primary Spam Quarantine.
2. Change the Suspect spam policy to - add a header (SuspectSpam=Y) and then Route the message to the primary Spam Quarantine.
3. The primary Spam Quarantine server, create a Content Policy (if Header SuspectSpam = Y, hold message in Quarantine.
Has anyone tried this? I'm leaning towards using a VM since there would be little chance of other policies messing with the setup, and I can optimize for the quarantine function.