Cisco Cisco Email Security Appliance C170 Weißbuch
© 2016 Cisco and/or its affiliates. All rights reserved.
5
Figure 4. FED Action
Step 4. Prepend the subject header with: [WARNING Possible Business
Email Compromise]
a. Click: Add Action
b. Select: Add/Edit Header
c. In the Header Name field enter: Subject
d. Select: Prepend to the Value of Existing Header
e. Enter: [WARNING Possible Business Email Compromise]
f. Click: OK
g. Click: Submit (See Figure 5.)
b. Select: Add/Edit Header
c. In the Header Name field enter: Subject
d. Select: Prepend to the Value of Existing Header
e. Enter: [WARNING Possible Business Email Compromise]
f. Click: OK
g. Click: Submit (See Figure 5.)
Figure 5. Prepending the Subject Header
Step 5. Apply the filter to an incoming mail policy
a. Click: Mail Policies > Incoming Mail Policy.
b. Select the policy to which you want to apply the FED filter. In our
b. Select the policy to which you want to apply the FED filter. In our
example it is the default mail policy.
c. Click: Disabled in the Content Filters column.
d. Select: Enable Content Filters (Customize Settings) in the drop-
d. Select: Enable Content Filters (Customize Settings) in the drop-
down menu.
e. Check the Enable box for the filter you created
(Forged_Email_Detection).
f. Click: Submit and Commit Changes.
Cisco Email Security How-To Guide
How-To Enable Forged Email Detection
Cisco Public