Cisco Cisco Email Security Appliance C160 User Guide
9-16
User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 9 Using Message Filters to Enforce Email Policies
Message Filter Rules
Signed Certificate
signed-certificate(<field>
[<operator> <regular
expression>])
Does the message signer or X.509 certificate
issuer match a certain pattern? See
issuer match a certain pattern? See
Header Repeats
header-repeats (<target>,
<threshold> [, <direction>])
Returns
true
if at a given point in time, a
specified number of messages:
•
With same subject header are detected in
last one hour.
last one hour.
•
From same envelope-sender are detected in
last one hour.
last one hour.
See
URL Reputation
url-reputation
url-no-reputation
Is the reputation score of any URL in the
message within the specified range?
message within the specified range?
Is a reputation score for a URL unavailable?
See
URL Category
url-category
Does the category of any URL in the message
match the specified categories?
match the specified categories?
See
Corrupt Attachment
attachment-corrupt
Does this message have an attachment that is
corrupt?
corrupt?
See
.
Message Language
message-language
Is the message (subject and body) in one of the
selected languages?
selected languages?
See
Forged Email
Detection
Detection
forged-email-detection("<dic
tionary_name>", <threshold>)
Is the sender address of the message forged? The
rule checks if the From: header in the message is
similar to any of the users in the content
dictionary.
rule checks if the From: header in the message is
similar to any of the users in the content
dictionary.
See
.
Duplicate
Boundaries
Verification
Boundaries
Verification
duplicate_boundaries
Does the message contain duplicate MIME
boundaries?
boundaries?
See
Malformed MIME
Header Detection
Header Detection
malformed-header
Does the message contain malformed MIME
headers?
headers?
See
a.Attachment filtering is discussed in detail in the section
.
b.Content Dictionaries are discussed in the detail in the “Text Resources” chapter.
Table 9-2
Message Filter Rules
Rule Syntax
Description