Even though the Hornetsecurity spam filter has a recognition rate of 99.99%, you might experience from time to time that some emails will be filtered incorrectly. These emails are referred to as:
- False Positive (FP): Valid e-mail got accidentally filtered
- False Negative (FN): E-mail wasn’t filtered through the spam filter
This article describes how to report false negatives and false positives. There are several possibilities, using an optimized way will lead to faster processing of your case.
| Optimized ways of processing |
|
Control Panel Emails can be released within the Email Live Tracking. This will automatically create a FP feedback with us. Marking any clean email as spam or threat will automatically create a FN feedback with us. We'd analyze these reports and update our filters, if required. Please note that we won't reach you back after. In case you have doubts, or if you need further feedback for a specific FP or FN case, please report the case/sample via ticket system. |
|
Quarantine Report Fast reporting can be achieved through setting up the Quarantine Report for your users, which can be used to directly mark false positive cases. This also allows to deliver these directly to the user inbox (permission can be configured via Control Panel). You will receive direct feedback in your browser as soon as the email has been released. |
|
Outlook Add-In Reporting via Outlook Add-in can also be used to provide samples for required filter adjustments. This way of reporting is fast, and all necessary information are automatically attached to your reported case. |
Our Recommendation
In general, we suggest using the Control Panel to report any false positive or false negative cases. This way everything will be processed through a single platform, which also is used for various other things.
In some cases where the Control Panel is not used by the end users themselves we suggest using the Quarantine Report and/or the Outlook Add-In for reporting purposes instead.
Alternative ways of processing
If reporting through the other processing ways did not solve your issue, please report your case (including an EML sample) to our support agents via ticket system.
Comments
2 comments
I have read the articles referred to above and I still cannot see exactly how to report false positives via the Control Panel, OR via the quarantine reports. Am I missing something or was something changed since this article was written?
Hi Gareth, good question!
The Falsepositive reporting is happening in the moment a correction, like a release of the quarantine, is progressed. Releasing from Quarantine Report will trigger this.
Its a more indirect / automatic feedback loop, but it will make sure our system learns most of it from in this case: Enduser Feedback.
Its another story with a Falsenegative: From a technilcal point of view, we let something through and without Archiving booked we are not entitled to store that. Still you can report on it like above mentioned.
On all cases, reports do not contain specific feedback. But its processed within a very short timeframe, like within 1 business day.
I hope the options are convinient for you. Happy to hear from you.
BR,
Jakob
Please sign in to leave a comment.