Cisco Cisco Email Security Appliance X1070 Betriebsanweisung
9-114
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 9 Using Message Filters to Enforce Email Policies
Configuring Scan Behavior
•
The attachment is enabled for metadata scanning. When the scanning engine scans attachments, it
scans the metadata for the regular expression. This is the default setting.
scans the metadata for the regular expression. This is the default setting.
•
The attachment timeout scanning is configured for 60 seconds. The default is 30 seconds.
•
Attachments that were not scanned are assumed to not match the search pattern. (This is the default
behavior.)
behavior.)
•
The
application/(x-)pkcs7-mime
(opaque-signed) parts of a message are converted to
multipart/signed
(clear-signed) to provide the message’s content for processing. The default is not
to convert opaque-signed messages.
Note
When setting the
assume the attachment matches the search pattern
to Y, messages that cannot be
scanned will cause the message filter rule to evaluate to true. This could result in unexpected behavior,
such as the quarantining of messages that do not match a dictionary, but were quarantined because their
content could not be correctly scanned.
such as the quarantining of messages that do not match a dictionary, but were quarantined because their
content could not be correctly scanned.
mail3.example.com> scanconfig
There are currently 5 attachment type mappings configured to be SKIPPED.
Choose the operation you want to perform:
- NEW - Add a new entry.
- DELETE - Remove an entry.
- SETUP - Configure scanning behavior.
- IMPORT - Load mappings from a file.
- EXPORT - Save mappings to a file.
- PRINT - Display the list.
- CLEAR - Remove all entries.
- SMIME - Configure S/MIME unpacking.
[]> setup
1. Scan only attachments with MIME types or fingerprints in the list.
2. Skip attachments with MIME types or fingerprints in the list.
Choose one:
[2]> 2