Cisco Cisco Email Security Appliance C190 Guía Del Usuario
C-11
User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Appendix C Example of Mail Policies and Content Filters
Overview of Incoming Mail Policies
Filtering Messages Based on Content
In this part of the example, you will create three new content filters to be used in the Incoming Mail
Policy table. All of these content filters will be editable by delegated administrators belonging to the
Policy Administration custom user role. You will create the following:
Policy table. All of these content filters will be editable by delegated administrators belonging to the
Policy Administration custom user role. You will create the following:
1.
“scan_for_confidential”
This filter will scan messages for the string “confidential.” If the string is found, a copy of the
message will be sent to email alias
message will be sent to email alias
hr@example.com
, and the message will be sent to the Policy
quarantine area.
2.
“no_mp3s”
This filter will strip MP3 attachments and notify the recipients that an MP3 file was stripped.
3.
“ex_employee”
This content filter will scan for messages sent to a specific envelope recipient address (an
ex-employee). If the message matches, a specific notification message will be sent to the sender of
the message and then the message will be bounced.
ex-employee). If the message matches, a specific notification message will be sent to the sender of
the message and then the message will be bounced.
After creating the content filters, you will then configure each of the policies (including the default
policy) to enable the specific content filters in differing combinations.
policy) to enable the specific content filters in differing combinations.
Quarantining Message with “Confidential” in the Subject
The first example content filter contains one condition and two actions.
Procedure
Step 1
Click the Mail Policies tab.
Step 2
Click Incoming Content Filters.
Step 3
Click the Add Filter button.
Step 4
In the Name field, type
scan_for_confidential
as the name of the new filter.
Filter names can contain ASCII characters, numbers, underscores or dashes. The first character of a
content filter name must be a letter or an underscore.
content filter name must be a letter or an underscore.
Step 5
Click the Editable By (Roles) link, select the Policy Administrator and click OK.
Anti-Virus
Repaired messages: Deliver
Encrypted messages: Drop
Unscannable messages: Drop
Infectious messages: Drop
Repaired messages: Deliver
Encrypted messages: Quarantine
Unscannable messages: Quarantine
Infectious messages: Drop
Virus
Filters
Filters
Enabled, no specific filename
extensions or domains allowed to
bypass
extensions or domains allowed to
bypass
Enable message modification for
all messages
all messages
Enabled with specific filename extensions or
domains allowed to bypass
domains allowed to bypass
Enable message modification for unsigned
messages
messages
Table C-1
Aggressive and Conservative Mail Policy Settings (continued)