Cisco Cisco Email Security Appliance C650 Guía Del Usuario
4-8
Cisco AsyncOS 8.5.5 for Email Security User Guide
Chapter 4 Understanding the Email Pipeline
Work Queue / Routing
For more information, see the “LDAP Queries” chapter.
Message Filters
Message filters allow you to create special rules describing how to handle messages and attachments as
they are received. Filter rules identify messages based on message or attachment content, information
about the network, message envelope, message headers, or message body. Filter actions allow messages
to be dropped, bounced, archived, quarantined, blind carbon copied, or altered.
they are received. Filter rules identify messages based on message or attachment content, information
about the network, message envelope, message headers, or message body. Filter actions allow messages
to be dropped, bounced, archived, quarantined, blind carbon copied, or altered.
For more information, see the “Using Message Filters to Enforce Email Policies” chapter.
Multi-recipient messages are “splintered” after this phase, prior to Email Security Manager. Splintering
messages refers to creating splinter copies of emails with single recipients, for processing via Email
Security Manager.
messages refers to creating splinter copies of emails with single recipients, for processing via Email
Security Manager.
Email Security Manager (Per-Recipient Scanning)
Safelist/Blocklist Scanning
End user safelists and blocklists are created by end users and stored in a database that is checked prior
to anti-spam scanning. Each end user can identify domains, sub domains or email addresses that they
wish to always treat as spam or never treat as spam. If a sender address is part of an end users safelist,
anti-spam scanning is skipped, and if the sender address is listed in the blocklist, the message may be
quarantined or dropped depending on administrator settings. For more information about configuring
safelists and blocklists, see the “Spam Quarantine” chapter.
to anti-spam scanning. Each end user can identify domains, sub domains or email addresses that they
wish to always treat as spam or never treat as spam. If a sender address is part of an end users safelist,
anti-spam scanning is skipped, and if the sender address is listed in the blocklist, the message may be
quarantined or dropped depending on administrator settings. For more information about configuring
safelists and blocklists, see the “Spam Quarantine” chapter.
Anti-Spam
Anti-spam scanning offers complete, Internet-wide, server-side anti-spam protection. It actively
identifies and defuses spam attacks before they inconvenience your users and overwhelm or damage your
network, allowing you to remove unwanted mail before it reaches your users’ inboxes, without violating
their privacy.
identifies and defuses spam attacks before they inconvenience your users and overwhelm or damage your
network, allowing you to remove unwanted mail before it reaches your users’ inboxes, without violating
their privacy.
Anti-spam scanning can be configured to deliver mail to the Spam Quarantine (either on- or off-box).
Messages released from the Spam Quarantine proceed directly to the destination queue, skipping any
further work queue processing in the email pipeline.
Messages released from the Spam Quarantine proceed directly to the destination queue, skipping any
further work queue processing in the email pipeline.
See
for more information.
Anti-Virus
Your appliance includes integrated virus scanning engines. You can configure the appliance to scan
messages and attachments for viruses on a per-“mail policy” basis. You can configure the appliance to
take actions such as the following when a virus is found:
messages and attachments for viruses on a per-“mail policy” basis. You can configure the appliance to
take actions such as the following when a virus is found:
•
attempt to repair the attachment
•
drop the attachment
•
modify the subject header
•
add an additional X- header
•
send the message to a different address or mailhost