If messages that should have been identified as spam are not caught by PureMessage filtering, you are encouraged to forward these
messages to is-spam@labs.sophos.com. Conversely, messages that were not caught by the anti-spam
engine that you consider to be spam should be forwarded to not-spam@labs.sophos.com Forwarded messages are
processed as follows:
- The message is received and checked for attachments. It is preferred that you forward spam
messages as "message/rfc822" attachments. Submissions received without one or more spam
samples are discarded.
- Spam samples forwarded as "message/rfc2822" attachments are automatically extracted and
sent to our spam database. URLs, IP addresses, phone numbers, content signatures and other
message attributes are automatically extracted from the spam messages and passed to an automated
assessment system.
- An automated assessment is made as to whether the information extracted from the submitted
spam e-mail will enable PureMessage to block the
message. If PureMessage cannot consistently filter the
spam message using the extracted information, the information is passed along to SophosLabs analysts for manual analysis.
- The anti-spam data that is extracted or developed through this process is immediately added
to the latest anti-spam package, which is made available via an automatic update.