The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
This document explains how to test your Anti-Spam setup by sending a sample spam message through your Cisco Email Security Appliance (ESA). First, you need to make sure that Anti-Spam is enabled on the server. This can be verified by logging on to the web interface and selecting 'Security Services' tab and then 'Anti-Spam', and make sure it is enabled. Also make sure that your Incoming Mail Policies have Anti-Spam settings enabled. You can confirm that by going to 'Mail Policies' then 'Incoming Mail Policies', and modify the policy spam settings by clicking on the hyperlink under Anti-Spam.
After you have configured your Incoming Mail Policies to take appropriate actions on the spam messages, log on to the CLI of your ESA. We are going to generate a sample spam message with "X-Advertisement: spam" header in the mail message. Telnet to your appliance at port 25 and initiate SMTP conversation as showed in the below example.
example.domain.com> telnet mail.example.com 25
Connected to mail.example.com.
Escape character is '^]'.
220 mail.example.com ESMTP
250 SIZE 104857600
250 sender <email@example.com> ok
250 recipient <firstname.lastname@example.org> ok
354 go ahead
Subject: testing spam filter
250 ok: Message 44 accepted
Type in 'tail mail_logs' on the CLI of your ESA to watch the message coming in and the output should look something like it is shown below:
Tue Apr 26 16:33:48 2005 Info: Start MID 44 ICID 28
Tue Apr 26 16:33:48 2005 Info: MID 44 ICID 28 From: <email@example.com>
Tue Apr 26 16:33:53 2005 Info: MID 44 ICID 28 RID 0 To: <firstname.lastname@example.org>
Tue Apr 26 16:34:18 2005 Info: MID 44 Message-ID '<email@example.com>'
Tue Apr 26 16:34:18 2005 Info: MID 44 Subject 'testing spam filter'
Tue Apr 26 16:34:18 2005 Info: MID 44 ready 84 bytes from <firstname.lastname@example.org>
Tue Apr 26 16:34:18 2005 Info: MID 44 matched all recipients for per-recipient
policy DEFAULT in the inbound table
Tue Apr 26 16:34:18 2005 Info: MID 44 Brightmail positive
Tue Apr 26 16:34:18 2005 Info: Message aborted MID 44 Dropped by case
Tue Apr 26 16:34:18 2005 Info: Message finished MID 44 done
Tue Apr 26 16:34:21 2005 Info: ICID 28 close
The result in the mail logs show that the message was identified as Spam positive and was dropped as defined in the Anti-Spam incoming mail policy. Please verify that the ESA is taking the appropriate actions as defined in your Anti-Spam settings.