Educause Security Discussion mailing list archives
Cisco Ironport increase is spam getting through?
From: Jason Murray <jemurray () ZWECK NET>
Date: Thu, 27 Dec 2012 09:55:52 -0600
For those of you that use the Cisco Ironport anti-spam appliances, have you noticed an increase in spam making it through unmarked in the past 6 months? In the past we would see 1 or 2 messages a week get though, now I am getting complaints from my users that a dozen or more a day are getting though. We are running the 7.6.x code base. All the anti-spam rules are updating automatically as they should be. I opened a support case with Ironport and they sent back some generic reply: The nature of spam is always changing, and we are always adjusting our rules to do our best to catch it while minimizing false positives. Over the past year or so, there has been less bulk, easy to catch spam and more targeted, harder to catch spam. This may be why you notice more spam getting in. As always, we appreciate it if you can submit missed spam samples so we can improve out engine. See instructions later. While I would agree with this somewhat, we are now starting to see blatantly obvious spam getting though (porn). We have have used Ironport for 6 years now, and we have never had this much spam get though. Before I continue to press Cisco for an answer, I am curious if anyone else is seeing similar issues. Thanks, -- Jason E. Murray Sr. Systems Engineer Washington University in St. Louis Phone: 314-935-4865 Email: jemurray () wustl edu Web: http://nss.wustl.edu/~jemurray/
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- Cisco Ironport increase is spam getting through? Jason Murray (Dec 27)
- Re: Cisco Ironport increase is spam getting through? Will Froning (Dec 29)