Mail filtering is controlled by policy settings. The main categories of the policy include Anti-Virus, Anti-Spam, Data Control, and Additional Policy (such as offensive language and keywords). You can also set Allow/Block Lists and Filtering Options. Generally, the settings that you can change involve which actions are triggered by specific events, and for what groups of your users the settings are applied.

For example, the Anti-Virus page allows you to select—for either inbound and outbound messages—the actions that are taken in response to messages that contain:

  • Viruses
  • Unscannable Attachments
  • Encrypted Attachments
  • Suspect Attachments

The actions that you can select vary for the different events, but may include:

  • Deliver immediately
  • Quarantine
  • Reject
  • Discard
  • Quarantine and deliver

You can also select the end user group(s) affected by these settings, and you can specify exceptions to the selected group(s).

Similar types of settings are available for Anti-Spam and Additional Policy filtering, although the details for each vary.

Several policy pages also contain global settings. These settings can have a significant impact on system performance and filtering accuracy. They include:

  • On the Additional Policy page, you can can configure the content preferences for inbound and outbound mail.
  • On the Allow/Block Lists page, you can create allow and block lists for hosts and senders that can be used to accept or reject messages from the indicated sources, thus avoiding normal policy processing.
  • On the Filtering Options page you can:
    • set the stage at which IP reputation filtering is performed.
    • enable protection from denial of service (DoS) attacks.
    • set whether to share aggregate traffic data with SophosLabs to improve your spam protection.