Since last week we've started having multiple spam false positives (from Content Anti Spam engine on a Checkpoint 5100 R80.10) using a cumbersome trial-and-error proces we've pinpointed the problem to url shorteners. Most of the messages being tagged as spam had them on their signatures. I'm guessing a recent engine or definitions update started causing this. I'm all for dumping those bad guys, and am more than happy that Checkpoint continuously improve their engines.
What I've been trying to find, however, is a way to both identify the reason for the spam tagging and how and where to fine-tune that.
After all, if the Anti Spam engine checks conditions A, B, C, D, E, F, why wouldn't the error message being logged was "Tagged as spam because of D" insted of "Spam Rejected"?
Having to tell my business partners that we are rejecting their messages just because is not a good way to keep that business relationship. Specially if they reply - you're the only one rejecting our messages.
Has anyone experienced this problem and if so, were you able to work around this?