Cisco Cisco Email Security Appliance C170 Betriebsanweisung
6-3
Cisco IronPort AsyncOS 7.6 for Email Configuration Guide
OL-25136-01
Chapter 6 Email Security Manager
You manage these tables using the Mail Policies > Incoming Mail Policies or Outgoing Mail Policies
pages in the GUI, or the
pages in the GUI, or the
policyconfig
command in the CLI. You can assign individual mail policies to
delegated administrators whose responsibilities include managing your mail system. See the “Common
Administrative Tasks” chapter in Cisco IronPort AsyncOS for Email Daily Management Guide for more
information.
Administrative Tasks” chapter in Cisco IronPort AsyncOS for Email Daily Management Guide for more
information.
Note
DLP scanning can only be performed on outgoing messages.
Policy Matching
As incoming messages are received by listeners on the system, each message recipient matches a policy
in one of the tables, regardless of the number of listeners configured on the system. Matches are based
on either the recipient’s address or the sender’s address:
in one of the tables, regardless of the number of listeners configured on the system. Matches are based
on either the recipient’s address or the sender’s address:
•
Recipient address matches the Envelope Recipient address
When matching recipient addresses, the recipient addresses entered are the final addresses after
processing by preceding parts of the email pipeline. For example, if enabled, the default domain,
LDAP routing or masquerading, alias table, domain map, and message filters features can rewrite
the Envelope Recipient address and may affect whether the message matches a policy in the Email
Security Manager (Anti-Spam, Anti-Virus, Content Filters, and Outbreak Filters).
processing by preceding parts of the email pipeline. For example, if enabled, the default domain,
LDAP routing or masquerading, alias table, domain map, and message filters features can rewrite
the Envelope Recipient address and may affect whether the message matches a policy in the Email
Security Manager (Anti-Spam, Anti-Virus, Content Filters, and Outbreak Filters).
•
Sender address matches:
–
Envelope Sender (RFC821 MAIL FROM address)
–
Address found in the RFC822 From: header
–
Address found in the RFC822 Reply-To: header
Addresses may be matched on either a full email address, user, domain, or partial domain, and addresses
may also match LDAP group membership.
may also match LDAP group membership.
First Match Wins
Each recipient is evaluated for each policy in the appropriate table (incoming or outgoing) in a top-down
fashion.
fashion.
For each recipient of a message, the first matching policy wins. If a recipient does not match any specific
policy, the recipient will automatically match the default policy of the table.
policy, the recipient will automatically match the default policy of the table.
If a match is made based on a sender address (or on the special “Listener” rule created by an upgrade —
see below), all remaining recipients of a message will match that policy. (This is because there can be
only one sender or one listener per message.)
see below), all remaining recipients of a message will match that policy. (This is because there can be
only one sender or one listener per message.)
Examples of Policy Matching
The following examples help show how the policy tables are matched in a top-down fashion.