IronMail Anti-Virus/Anti-Spam

• Viral determination is done via a Sophos engine and is based upon Sophos virus signatures.  New signatures are downloaded automatically from Sophos numerous times per day as they become available.
• Spam determination is done via a series of tests, each of which contribute to the spam "score" of the message.  The higher the score, the more likely the message is to be spam.
• Messages that are determined to be spam will be quarantined (held) on the IronMail appliances.  Users will receive daily quarantine summary message(s) from the appliances listing those messages that have been quarantined during the past day.  That summary message will contain an explanatory paragraph, a URL to all of the user's currently quarantined messages, and, in a list format, contain the following for each message quarantined since the last summary message:
• A link to release the message for delivery to your mailbox
  
• Sender
• Subject
• Size
  
• Time stamp
• The URL leads to a webpage on the IronMail appliance that contains a listing of each quarantined message, along with options to release, delete, and/or whitelist.  Whitelisting a sender means that future mail from that sender will not be subject to quarantine for spam content.
  

1. DEFAULT:  Discard all messages with viral content and quarantine messages likely to be spam.
2. QUARANTINE LESS:  Discard all messages with viral content and quarantine messages with a higher spam score.
3. QUARANTINE MORE:  Discard all messages with viral content and quarantine messages with a lower spam score.
4. TAG ONLY:  Discard all messages with viral content and add the tag "[spam]::" to the subject header of messages likely to be spam.  Tagged messages will not be quarantined and will be delivered to the user's mailbox.  The score used to tag messages will be the same as used for DEFAULT quarantining.
   
5. BYPASS:  Discard all messages with viral content and deliver all other messages untouched, without any tagging or quarantining.