Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
10-9
Cisco AsyncOS 8.5.5 for Email Security User Guide
Chapter 10 Mail Policies
Configuring Mail Policies
Managed Exceptions
Using the steps shown in the two examples above, you can begin to create and configure policies on a
managed exception basis. In other words, after evaluating your organization’s needs you can configure
policies so that the majority of messages will be handled by the default policy. You can then create
additional “exception” policies for specific users or user groups, managing the differing policies as
needed. In this manner, message splintering will be minimized and you are less likely to impact system
performance from the processing of each splinter message in the work queue.
managed exception basis. In other words, after evaluating your organization’s needs you can configure
policies so that the majority of messages will be handled by the default policy. You can then create
additional “exception” policies for specific users or user groups, managing the differing policies as
needed. In this manner, message splintering will be minimized and you are less likely to impact system
performance from the processing of each splinter message in the work queue.
You can define policies based on your organizations’ or users’ tolerance for spam, viruses, and policy
enforcement.
enforcement.
outlines several example policies. “Aggressive” policies are
designed to minimize the amount of spam and viruses that reach end-users mailboxes. “Conservative”
policies are tailored to avoid false positives and prevent users from missing messages, regardless of
policies.
policies are tailored to avoid false positives and prevent users from missing messages, regardless of
policies.
Table 10-3
Aggressive and Conservative Email Security Manager Settings
Aggressive Settings
Conservative Settings
Anti-Spam
Positively identified spam: Drop
Suspected spam: Quarantine
Marketing mail: Deliver and
prepend “
prepend “
[Marketing]
” to the
subject messages
Positively identified spam: Quarantine
Suspected spam: Deliver and prepend
“
“
[Suspected Spam]
” to the subject of messages
Marketing mail: Disabled
Anti-Virus
Repaired messages: Deliver
Encrypted messages: Drop
Unscannable messages: Drop
Infectious messages: Drop
Repaired messages: Deliver
Encrypted messages: Quarantine
Unscannable messages: Quarantine
Infectious messages: Drop
Advanced
Malware
Protection
Malware
Protection
(File Reputation
Filtering and
File Analysis)
Filtering and
File Analysis)
Unscanned attachments: Drop
Messages with Malware
Attachments: Drop
Attachments: Drop
Unscanned attachments: Enable X-headers,
then create a content filter to quarantine
messages with X-Amp-Result "Unscannable".
then create a content filter to quarantine
messages with X-Amp-Result "Unscannable".
Messages with Malware Attachments: Drop
Virus
Filters
Filters
Enabled, no specific filename
extensions or domains allowed to
bypass
extensions or domains allowed to
bypass
Enable message modification for
all messages
all messages
Enabled with specific filename extensions or
domains allowed to bypass
domains allowed to bypass
Enable message modification for unsigned
messages
messages