This article applies to:

• Trustwave MailMarshal (SEG)

Question:

• How do I verify the score a missed message received in SpamCensor?
• How do I log all spam (SpamCensor) results?
• How do I verify the score a missed message received from SpamProfiler (MailMarshal 6.7 and above)?

Procedure:

You may want to view the spam scoring of messages that were not blocked by MailMarshal.  By default, MailMarshal will only log results to the engine log file if the SpamCensor or SpamProfiler triggers. If you want to log all results, regardless of whether or not the features trigger, you will need to modify the registry of the MailMarshal Server.

Warning: Using the Registry Editor incorrectly can cause serious problems that may require you to reinstall your operating system. Trustwave cannot guarantee that problems resulting from the incorrect use of Registry Editor can be solved. Make sure that you backup your Registry prior to making any changes.

1. On the Array Manager, edit the Registry (10.X: use Advanced Settings in the Management Console)
2. Navigate to the SEG Engine key:
   • In version 8.X: HKEY_LOCAL_MACHINE\SOFTWARE\Trustwave\Secure Email Gateway\Default\Engine
   • 10.X: value names have the prefix Engine. (Engine dot).
   • For full details of the location for each product version, see article Q10832.
3. Add a new DWORD value named LogSpamAlways.
4. Set the value to 0 for false, or 1 for true (i.e. log all results).
5. Save your registry settings.
6. On MailMarshal 5.x, reload the rules, and restart the MMEngine service
7. On MailMarshal 6.0 and above, restart the MMArrayManager service, commit configuration changes, then restart the MMController service on each node.

Notes:

• This feature was added for SpamCensor in MailMarshal SMTP version 5.5.3.2.
• This feature was added for SpamProfiler in MailMarshal SMTP version 6.7. 

This article was previously published as:

NETIQKB39846