Increase in SpamBlocker false positives since firmware upgrade

We recently upgraded the firmware in our Firebox M470 and immediately started seeing an increase in false positives. E-mails from our CDW account manager, bank emails to our accounting staff, etc.

We used to get less than 5 per week, now we are seeing 5-10 per day. We are a small IT shop and can't be bogged down submitting false positives constantly.

Is anyone else seeing the same behaviour since the change to CloudMark?

Comments

  • For the record - upgraded from what version to what version?

  • RalphRalph WatchGuard Representative

    Hello Ian,

    No. Please submit a handful of samples so they can be analyzed. There must be a common denominator somewhere if you're seeing that many false positives.

    https://www.watchguard.com/help/docs/help-center/en-US/Content/en-US/Fireware/services/spamblocker/spam_report_false_c.html

    Ralph

  • james.carsonjames.carson Moderator, WatchGuard Representative

    Hi @Ian_Middleon

    I'd suggest opening a support case, and gather a pile of examples to attach to the case.

    The example emails need to be in .msg (outlook) or .eml (Thunderbird, everything else) format. They also need to not be inline forwarded (as that destroys the email headers in the message.) Have the users drag the email from the message list onto their desktop, and that should create the file for you. Zip some of those up, and attach it to the support case.

    (Don't attach them here, as they may have personal emails, etc.)

    Our support team can help analyze them and see what might be going wrong.

    -James Carson
    WatchGuard Customer Support

  • james.carsonjames.carson Moderator, WatchGuard Representative

    @Ian_Middleon It's also worth noting that the spam feedback emails changed with the move to cloudmark. Please check the link Ralph posted and ensure you're sending to the correct one.

    -James Carson
    WatchGuard Customer Support

Sign In to comment.