Cisco Cisco Email Security Appliance C190 Guía Del Usuario
9-74
Cisco AsyncOS 9.0 for Email User Guide
Chapter 9 Using Message Filters to Enforce Email Policies
Message Filter Actions
The following example specifies that messages received on the listener “private_listener” should bypass
Outbreak Filter scanning.
Outbreak Filter scanning.
Add Message Tag Action
The
tag-message
action inserts a custom term into an outgoing message to use with RSA Email DLP
policy filtering. You can configure a RSA Email DLP policy to limit scanning to messages with the
message tag. The message tag is not visible to recipients. The tag name can contain any combination of
characters from the set
message tag. The message tag is not visible to recipients. The tag name can contain any combination of
characters from the set
[a-zA-Z0-9_-.]
.
For information on configuring a DLP policy to filter messages, see the “Data Loss Prevention” chapter.
The following example inserts a message tag into a message with “[Encrypt]” in the subject. You can
then create a DLP policy that will encrypt messages with this message tag before delivering them if
Cisco Email Encryption is available:
then create a DLP policy that will encrypt messages with this message tag before delivering them if
Cisco Email Encryption is available:
Add Log Entry Action
The
log-entry
action inserts customized text into the Text Mail logs at the
INFO
level. The text can
include action variables. You can use this action to insert useful text for debugging purposes and
information on why a message filter performed a certain action. The log entry also appears in message
tracking.
information on why a message filter performed a certain action. The log entry also appears in message
tracking.
The following example inserts a log entry explaining that message was bounced because it possibly
contained confidential company information:
contained confidential company information:
internal_mail_is_safe:
if (recv-listener == 'private_listener') Outbreak Filters
{
skip-vofcheck();
}
Tag_Message:
if (subject == '^\\[Encrypt\\]')
{
tag-message('Encrypt-And-Deliver');
}
CompanyConfidential:
if (body-contains('Company Confidential'))
{
log-entry('Message may have contained confidential information.');