Sign in
 
HomeProductsLibraryLearnDownloadsSupportForums
Microsoft Forefront TechCenter >
How to verify why forefront 2010 blocked a message and sent it to quarantine

الإجابة How to verify why forefront 2010 blocked a message and sent it to quarantine

  • Friday, December 07, 2012 10:50 AM
     
     
    Sign In to Vote
    0

    Hi,

    can anybody tell me how in forefront I can check why the mail was assigne an scl of 9 for instance? I checked the mail headers in outlook from a particular message, but i would like to see how cloudmark says certain mail is spam, which is legitimate mail. So false positives. Anybody an idea where to check this?

     

All Replies

  • Saturday, December 08, 2012 8:41 AM
     
     Proposed
    Sign In to Vote
    1

    Hey David

    Thanks for this Post ,

    As Far as I understand  , You need to Managing quarantine ,

    1. In FPE Client Change the Settings by follow the link below :

    http://technet.microsoft.com/en-us/library/dd639398.aspx

    2. Export the Policy from the Client 

    3. Deploy the policy in FPSMC to other FPE clients

    4. Try to Send a Violent/unexception file for test into Your own ORG .

    5. Check the FPSMC - > Quarantine Management - > Quarantine View .


    I'd be happy to answer any questions
    Shuki Noy

    • Proposed As Answer by George Rodi Wednesday, December 19, 2012 12:10 PM
    •  
     
  • Monday, December 10, 2012 1:02 PM
     
     Answered
    Sign In to Vote
    1

    Hi,

    you can see all detected emails the incidents node of FPE. But there is no way to find out why or by which pattern or word an email has been detected by Cloudmark as spam. You can only see the SCL value in the header of an email which is always a value from 5 to 9.

    Greetings

    Christian

    Christian Groebner MVP Forefront

     
  • Tuesday, December 11, 2012 7:47 AM
    Moderator
     
     Proposed
    Sign In to Vote
    0

    Hi,

    Thank you for the post.

    “can anybody tell me how in forefront I can check why the mail was assigne an scl of 9 for instance?” – you may view the incidents to see the detailed information: http://technet.microsoft.com/en-us/library/dd639370.aspx

    but i would like to see how cloudmark says certain mail is spam,”- like Christian said, this cannot be done. FPE use cloudmark engine to analyze each e-mail message and stamp it with a Spam Confidence Level.

    Regards,

    Nick Gu - MSFT

    • Proposed As Answer by George Rodi Wednesday, December 19, 2012 12:10 PM
    •