Cisco Cisco Email Security Appliance C160 Betriebsanweisung
C-10
User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
Appendix C Example of Mail Policies and Content Filters
Overview of Incoming Mail Policies
At this point, any message that contains an attachment whose file extension is
dwg
— and whose recipient
matches the recipients defined for the engineering team policy — will bypass the Outbreak Filter
scanning and continue processing. Messages that contain links to the example.com domain will not have
their links modified to redirect through the Cisco Security proxy and will not be considered suspicious.
scanning and continue processing. Messages that contain links to the example.com domain will not have
their links modified to redirect through the Cisco Security proxy and will not be considered suspicious.
Finding Senders or Recipients in Mail Policies
Use the “Find Policies” button to search for users already defined in policies defined in the Incoming or
Outgoing Mail Policies pages.
Outgoing Mail Policies pages.
For example, typing
joe@example.com
and clicking the Find Policies button will display results showing
which policies contain defined users that will match the policy.
Click the name of the policy to jump to the Edit Policy page to edit the users for that policy.
Note that the default policy will always be shown when you search for any user, because, by definition,
if a sender or recipient does not match any other configured policies, it will always match the default
policy.
if a sender or recipient does not match any other configured policies, it will always match the default
policy.
Managed Exceptions
Using the steps shown in the two examples above, you can begin to create and configure policies on a
managed exception basis. In other words, after evaluating your organization’s needs you can configure
policies so that the majority of messages will be handled by the default policy. You can then create
additional “exception” policies for specific users or user groups, managing the differing policies as
needed. In this manner, message splintering will be minimized and you are less likely to impact system
performance from the processing of each splinter message in the work queue.
managed exception basis. In other words, after evaluating your organization’s needs you can configure
policies so that the majority of messages will be handled by the default policy. You can then create
additional “exception” policies for specific users or user groups, managing the differing policies as
needed. In this manner, message splintering will be minimized and you are less likely to impact system
performance from the processing of each splinter message in the work queue.
You can define policies based on your organizations’ or users’ tolerance for spam, viruses, and policy
enforcement.
enforcement.
outlines several example policies. “Aggressive” policies are
designed to minimize the amount of spam and viruses that reach end-users mailboxes. “Conservative”
policies are tailored to avoid false positives and prevent users from missing messages, regardless of
policies.
policies are tailored to avoid false positives and prevent users from missing messages, regardless of
policies.
Table C-1
Aggressive and Conservative Mail Policy Settings
Aggressive Settings
Conservative Settings
Anti-Spam
Positively identified spam: Drop
Suspected spam: Quarantine
Marketing mail: Deliver and
prepend “
prepend “
[Marketing]
” to the
subject messages
Positively identified spam: Quarantine
Suspected spam: Deliver and prepend
“
“
[Suspected Spam]
” to the subject of messages
Marketing mail: Disabled