Cisco Cisco Email Security Appliance C170 Betriebsanweisung
9-48
User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
Chapter 9 Using Message Filters to Enforce Email Policies
Message Filter Rules
Filter syntax when using a
url-category
rule is:
<msg_filter_name>: if url-category ([‘<category-name1>’,’<category-name2>’,…,
‘<category-name3>’],’<url_white_list>’)
{
<action>
}
Where:
•
msg_filter_name
is the name of this message filter.
•
action
is any message filter action.
•
category-name
is the URL category. Separate multiple categories with commas. To obtain correct
category names, look at a URL Category condition or action in a Content Filter. For descriptions and
examples of the categories, see
examples of the categories, see
.
•
url_white_list
is the name of a defined URL list (via the
urllistconfig
command.)
Corrupt Attachment Rule
The Corrupt Attachment rule evaluates to
true
if a message contains corrupt attachment. A corrupt
attachment is an attachment that the scanning engine cannot scan and identified as corrupt.
Related Topics
•
Example
In the following example, if the filter detects a corrupt attachment in a message, the message is
quarantined to Policy Quarantine.
quarantined to Policy Quarantine.
Malformed MIME Headers Rule
The Malformed MIME Headers rule evaluates to
true
if a message contains malformed MIME headers.
Example
The following example shows how to quarantine all the messages with malformed MIME headers:
quarantine_malformed_headers: if (malformed-header)
{
quarantine("Policy");
}
Duplicate Boundaries Verification Rule
You can use the
duplicate_boundaries
rule to detect messages that contain duplicate MIME
boundaries.
quar_corrupt_attach: if (attachment-corrupt) { quarantine("Policy"); }