If the domain administrator has provided us with a complete list of mailboxes for your domain, then it enables per-mailbox policy settings. These override the domain-wide default settings your administrator has selected.
You can set your account to use the domain-wide settings by choosing the checkbox Use the default filter settings for my domain.
Spam Filter Settings
The Spam Filter settings has the most options. You can choose from various pre-defined presets for filtering, or set your own, with any level of granularity.
Messages that are spammy can be delivered with their Subject lines rewritten. Spam messages can be quarantined. And you can choose the score at which each of those happens. Our standard settings simply quarantines at a score of 7.0. But you might want to make this number higher or smaller, or add the option to rewrite the Subject. It's entirely in your control.
Anti-Phishing Filter Settings
Virus Filter Settings
Your options for virus-infected emails are much simpler - do you want a notification sent to you when a virus-infected message is quarantined?
Size Filter Settings
Likewise, you can opt to reduce the maximum allowed message size for your email. Our maximum limit is 150MB.
Banned Filetypes Filter Settings
Banned Filetypes are messages that contain various types of dangerous enclosures. The standard filetypes blocked by this filter include: .bat, .cmd, .com, .cpl, .dll, .exe, .pif, .scr, .js, .jar and .vbs.
These restrictions apply to files embedded inside other files, like zip or tar files too.
Besides quarantining these emails and deciding if you want a notification, you can also allow them through to you. You can even set a "plus extension" for delivery, so you can have the message delivered to a variant of your email address, like firstname.lastname@example.org. Some people like to use this to support client-side filtering.
Bad Header Filter Settings
The Bad Headers filter has the same options as those for the Banned Filetype filter. Bad headers are messages that violate the internet-standard RFCs. The checks include verifying the MIME structure of an email message, checking for control characters (like NUL and CR), looking for improperly encoded 8-bit characters in an email header (per RFC 5322), and headers longer than the maximum allowed length of 998 characters (per RFC 2822)
Of all the things here, this is the one most likely to have a false positive, particularly with various mailing lists. You might want to just let it go ahead and deliver these messages. Or deliver it with an extension. Or if you do want to quarantine it, enable the notification.
The default penalty for a message with an identified language that does not match your personal list, is 5 points. You can increase or decrease this to whatever you prefer. Picking a number substantially higher than your quarantine cutoff point (default is 7.0) will make sure those messages go to the quarantine, unless they are overridden by a whitelist entry.