Educause Security Discussion mailing list archives

Cisco Ironport increase in spam getting through?


From: Jason Murray <jemurray () ZWECK NET>
Date: Thu, 27 Dec 2012 09:55:52 -0600

For those of you that use the Cisco Ironport anti-spam appliances, have
you noticed an increase in spam making it through unmarked in the past 6
months?  In the past we would see 1 or 2 messages a week get through, now
I am getting complaints from my users that a dozen or more a day are
getting through.

We are running the 7.6.x code base.   All the anti-spam rules are
updating automatically as they should be.


I opened a support case with Ironport and they sent back some generic reply:

The nature of spam is always changing, and we are always adjusting our
rules to do our best to catch it while minimizing false positives. Over
the past year or so, there has been less bulk, easy to catch spam and
more targeted, harder to catch spam. This may be why you notice more
spam getting in. As always, we appreciate it if you can submit missed
spam samples so we can improve our engine. See instructions later.



While I would agree with this somewhat, we are now starting to see
blatantly obvious spam getting through (porn).


We have used Ironport for 6 years now, and we have never had this
much spam get through.   Before I continue to press Cisco for an answer,
I am curious if anyone else is seeing similar issues.

Thanks,

-- 
Jason E. Murray
Sr. Systems Engineer
Washington University in St. Louis
Phone: 314-935-4865
Email: jemurray () wustl edu
Web: http://nss.wustl.edu/~jemurray/
