Cisco Cisco Email Security Appliance C650 Guía Del Usuario
Chapter 6 Email Security Manager
6-194
Cisco IronPort AsyncOS 7.1 for Email Configuration Guide
OL-22158-02
query, the message will receive the settings defined by the default policy. This
example shows how messages with multiple recipients can incur message
splintering. See
example shows how messages with multiple recipients can incur message
splintering. See
for more information.
Example 3
Sender
bill@lawfirm.com
sends a message to recipients
ann@example.com
and
larry@example.com
. The recipient
ann@example.com
will receive the anti-spam,
anti-virus, virus outbreak filters, and content filters defined in policy #1, and the
recipient
recipient
larry@example.com
will receive the anti-spam, anti-virus, virus
outbreak filters, and content filters defined in policy #2, because the sender
(
(
@lawfirm.com
) appears sooner in the table than the user description that matches
the recipient (
jim@
).
Message Splintering
Intelligent message splintering (by matching policy) is the mechanism that allows
for differing recipient-based policies to be applied independently to message with
multiple recipients.
for differing recipient-based policies to be applied independently to message with
multiple recipients.
Each recipient is evaluated for each policy in the appropriate Email Security
Manager table (incoming or outgoing) in a top-down fashion.
Manager table (incoming or outgoing) in a top-down fashion.
Each policy that matches a message creates a new message with those recipients.
This process is defined as message splintering:
This process is defined as message splintering:
•
If some recipients match different policies, the recipients are grouped
according to the policies they matched, the message is split into a number of
messages equal to the number of policies that matched, and the recipients are
set to each appropriate “splinter.”
according to the policies they matched, the message is split into a number of
messages equal to the number of policies that matched, and the recipients are
set to each appropriate “splinter.”
•
If all recipients match the same policy, the message is not splintered.
Conversely, a maximum splintering scenario would be one in which a single
message is splintered for each message recipient.
Conversely, a maximum splintering scenario would be one in which a single
message is splintered for each message recipient.
•
Each message splinter is then processed by anti-spam, anti-virus, DLP
scanning, Virus Outbreak Filters, and content filters independently in the
email pipeline.
scanning, Virus Outbreak Filters, and content filters independently in the
email pipeline.
pipeline.