I have redesigned my policies for some reasons.
So I created "activity isles".
It would be fine if I have a graphical help to mark these isles. It would be even better if I could name these isles.
See an example here:
Yes, you are Right, Kevin.
In my small example you see that I distinguish between confirmed spam and bulk spam to get the right reason. Nevertheless this environment has been screenshotted from a small system.
For larger systems I recommend at least two screens ...
This is an issue that everyone who configures filter policies must deal with.
My filter policies look a lot like yours. While there are ways to reduce the number of components on the workbench, for example by using a single Message Block service, it becomes very difficult to see how everything is linked together and therefore almost impossible to verify that the filter policy is configured correctly.
Given the current workbench diagramming capabilities, the approach you have diagramed is probably the best compromise we can hope for but it is far from ideal especially when the scan filter configuration contains a couple of dozen components (or more).
The issue of providing more details about why a message has been quarantined can be addressed by defining more granular filters and naming them appropriately. For example, if we want to block certain attachments we can list them all in a Fingerprint filter but then the digest will simply show the filter name. The other approach is to make the filter more specific: we can define one Fingerprint filter for PDFs and another one for AVIs and name them accordingly. This approach will identify the specific attachment type that caused the message to be quarantined but it will greatly increase the complexity of the scan filter configuration.
When I'm working on a complex scan filter configuration, I almost always focus on a section of related components and not the whole configuration. It would be much easier to create and manage a complex scan filter configuration if we could: