False Positives with Email Signatures

[Johnny Stork]

We are running defenderMX on a clients gateway machine and there are 
many emails getting tagged as "FRAUD" which I believe are the various 
phishing checks. What is triggering these are messages where people have 
a web site url in their signatures. What is the best way to eliminate 
these false positives without reducing the number/level of checks?

We tried adding the senders email address in 'Is Definately Not Spam" 
but this didnt make any difference.

We are also asking this of FSL but thought there may be other MX users 
here not to mention some "general" suggestions from the MS community