Handling False Positives and Negatives
The number of false positives (messages that are identified as spam, but are not) and false negatives (messages that are not identified as spam, but are) can be reduced by forwarding these messages to Sophos. SophosLabs analyzes characteristics of submitted messages and adjusts the anti-spam data accordingly. False positive messages should be sent to firstname.lastname@example.org, and false negatives should be sent to email@example.com.
You should consider including the capability that allows users or administrators to report such falsely identified messages. If you do, note the following requirements:
- The message forwarded to Sophos must include the whole message source, including headers, sent as an RFC822 attachment.
- The headers must include the version number of the engine and the version and date of the data package used to scan the message.
- The headers must include the hits fired by the engine and the spam probability assigned to the message.