Cisco Cisco Email Security Appliance X1050 Troubleshooting Guide
Message Filter Action Descriptions
Here are the message filter action descriptions:
drop−attachments−by−name − Checks the filenames of each attachment in a message to see if it
matches the given regular expression. The filename is taken from the MIME headers. This
comparison is case−sensitive. If one of the message attachments matches the filename, this rule
returns true. If an attachment is an archive, the IronPort C−Series appliance will harvest the file
names from inside the archive and apply scanconfig rules (by default, MIME types of video/*,
audio/* and image/* are not scanned, and nothing over 5 MB is scanned) accordingly.
matches the given regular expression. The filename is taken from the MIME headers. This
comparison is case−sensitive. If one of the message attachments matches the filename, this rule
returns true. If an attachment is an archive, the IronPort C−Series appliance will harvest the file
names from inside the archive and apply scanconfig rules (by default, MIME types of video/*,
audio/* and image/* are not scanned, and nothing over 5 MB is scanned) accordingly.
•
drop−attachments−by−type − Drops all attachments on messages that have a MIME type, determined
by either the given MIME type or the file extension. Archive file attachments (zip, tar) will be
dropped if they contain a file that matches.
by either the given MIME type or the file extension. Archive file attachments (zip, tar) will be
dropped if they contain a file that matches.
•
drop−attachments−by−filetype − Examines attachments based on the fingerprint of the file, and not
just the three−letter filename extension. This is similar to the UNIX file command. In addition to
individual file types that can be specified, the group expressions Compressed, Document, Executable,
Image, and Media include all file types of the general type. For example, the Executable group
includes .exe, .java .msi .pif, .dll, .scr, and.com files. Please refer to the AsyncOS User Guide for a
complete list of file types that can be specified.
just the three−letter filename extension. This is similar to the UNIX file command. In addition to
individual file types that can be specified, the group expressions Compressed, Document, Executable,
Image, and Media include all file types of the general type. For example, the Executable group
includes .exe, .java .msi .pif, .dll, .scr, and.com files. Please refer to the AsyncOS User Guide for a
complete list of file types that can be specified.
•
drop−attachments−by−mimetype − Drops all attachments on messages that have a given MIME type.
This action does not attempt to ascertain the MIME type by file extension, so it also does not examine
the contents of the archives.
This action does not attempt to ascertain the MIME type by file extension, so it also does not examine
the contents of the archives.
•
Updated: Jun 26, 2014
Document ID: 117857