Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 1 reply
  • Subscribers 2 subscribers
  • Views 1609 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

e-Mail SPAM

Jan Wippermann1

ctasd reports 'Confirmed' RefID:str=0001.0A78XXXX.XXXXXXXX.XXXX,ss=4,sh,re=0.000,recu=0.000,reip=0.000,cl=4,cld=1,fgs=8

 

Hi

Wie kann ich rausfinden, was ctasd gestört hat?
Kann man die RefID irgendwo nachschlagen?

Wofür steht das ss, sh, re, recu, reip, cl, cld, fgs?

VG
Jan



This thread was automatically locked due to age.
Parents
  • 0

    Hallo Jan,

    Herzlich willkommen hier in der Community !

    (Sorry, my German-speaking brain isn't creating thoughts at the moment. [:(])

    ctasd = commtouch antispam daemon.  This daemon calculates a RefID based on the entire email including headers and then requests a rating from an application in the cloud.  That app responds with one of four ratings: Unknown, Suspect, Bulk and Confirmed  - the last indicates that there's no question that the content was spam.

    If you believe that some emails are being incorrectly classified as Confirmed, you might want to report that they're not.  To do this, you must set 'Reject at SMTP time' Off at the top of the 'Antispam' tab and, below that, select "Quarantine" for 'Confirmed spam action'.  You can then use Mail Manager to "Release and report as false positive'.

    MfG - Bob (Bitte auf Deutsch weiterhin.)

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Reply
  • 0

    Hallo Jan,

    Herzlich willkommen hier in der Community !

    (Sorry, my German-speaking brain isn't creating thoughts at the moment. [:(])

    ctasd = commtouch antispam daemon.  This daemon calculates a RefID based on the entire email including headers and then requests a rating from an application in the cloud.  That app responds with one of four ratings: Unknown, Suspect, Bulk and Confirmed  - the last indicates that there's no question that the content was spam.

    If you believe that some emails are being incorrectly classified as Confirmed, you might want to report that they're not.  To do this, you must set 'Reject at SMTP time' Off at the top of the 'Antispam' tab and, below that, select "Quarantine" for 'Confirmed spam action'.  You can then use Mail Manager to "Release and report as false positive'.

    MfG - Bob (Bitte auf Deutsch weiterhin.)

     
    Sophos UTM Community Moderator
    Sophos Certified Architect - UTM
    Sophos Certified Engineer - XG
    Gold Solution Partner since 2005
    MediaSoft, Inc. USA
Children
No Data
Unfiltered HTML