Cisco Cisco Email Security Appliance X1050 Information Guide

Contributed by Cisco TAC Engineers.
Oct 13, 2014

This document describes how to bypass encryption in a content filter and DLP.

On the Cisco Email Security Appliance (ESA), you have an environment that is required to encrypt based on a
subject field and DLP policy. There are instances that you want to bypass both encryption triggers for a
message.

Create an outgoing content filter that precedes the one that does encryption. From the GUI Mail
Policy > Outgoing Content Filters > Add Filters...

1. 

The condition will be to look for the keyword "[NOENCRYPT]" in the subject.  Choose Add
Condition... and select Subject Header, with "Contains" \[NOENCRYPT\].  (The "\" are for the literal
use of "[", so please enter them.)

2. 

The first actions is to "Add message−tag" and it's value is "NOENCRYPTION."  (This will be used in
the DLP policy steps later).

3. 

Finally the last action is to "Skip Remaining content filters (Final Action)."  (Note, this filter and the
encrypt filter should be the last two in the order list and this filter precedes the encrypt content filter.)
 This should look similar to:

4. 

Submit and Commit your changes at this point.

5. 

From the GUI Mail Policies > Outgoing Mail Policies, click on content filter (enable if disabled) and
put a check mark for your new content filter to enable it.

6. 

From the GUI, Mail Policies > DLP Policy Manager click on your existing DLP policy that does the
encryption.

7.