To stay updated on your favorite discussions, please create an account or log in. Then, click the Bookmark icon to subscribe and receive notifications.

Spam rule E-mail and Server Security 11

Zaarin52 W/ Alumni Posts: 2 Security Scout



I tried to implement some custom rules and it doesn't seem to work maybe I'm doing something wrong.


Let's say:


I want to block the word or a word containing "gorzug" in the subject or in the body. So I put these 2 lines:


body GORZUG /gorzug/i
score GORZUG 5.0


I tried in fssc.cfg or in, restarted F-Secure Anti-Virus Server Daemon service and the result in always the same in the header of the mail:


X-Spam-Flag: NO
X-Spam-Status: NO, hits=0 required=5, database-version=[2015-09-07_01],
 tests=spam.BD_NON_SPAM=3,spam.[BDANTISPAM_EmlIsClean  Build: [Engines:, Stamp: 3], Multi: [Enabled, t: (0.003878,0.003867)], BW:
 [Enabled, t: (0.000015,0.000001)], RTDA: [Enabled, t: (0.305789), Hit: No,
 Details: v2.2.14; Id: 30agsf8.19utqbfkk.606g], total: 0(675)=1


I searched since this early morning and I'm lost.


Thanks for your help,




  • etomcat
    etomcat W/ Alumni Posts: 1,172 Firewall Master


    > I tried in fssc.cfg or in

    I think both the web-based local GUI and the Policy Manager Console should have fields to configure the kind of filtering your request, so the use of command line editing is not advised?

    For example, in Policy Manager, Advanced View mode:

    F-Secure Anti-Virus for Microsoft Exchange / Settings / Transport Protection / Inbound Mail / Content Filtering / Disallowed Keywords in Message Subject and Disallowed Keywords in Message Text.

    There you will find which list the rules use and then you can edit those lists under:
    F-Secure Anti-Virus for Microsoft Exchange / Settings / General / Lists and Templates / Match Lists

    Furhermore, you can just submit e-mail samples to F-Secure Lab and then they can release spam detection database, so you don't need to manually tune your system:

    For undetected advertisement e-mails (spam):
    For false alarm complaints in spam detection:
    For dangerous "phishing" variants of spam:

    Best Regards: Tamas Feher, Hungary.

  • Zaarin52
    Zaarin52 W/ Alumni Posts: 2 Security Scout



    Wonderful. Using your solution, I send two samples. Wait and see now.


    Thanks a lot,



This discussion has been closed.