Cisco Cisco Email Security Appliance C650 Guía Del Usuario
9-75
User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
Chapter 9 Using Message Filters to Enforce Email Policies
Message Filter Actions
Bypass File Reputation Filtering and File Analysis System Actions
The
skip-ampcheck
action instructs the system to allow message to bypass File Reputation Filtering and
File Analysis configured on the system. This action does nothing to the message if File Reputation
Filtering and File Analysis is not configured, or if the message was never flagged to be scanned for File
Reputation Filtering and File Analysis in the first place.
Filtering and File Analysis is not configured, or if the message was never flagged to be scanned for File
Reputation Filtering and File Analysis in the first place.
The following example specifies that messages with PDF attachments should bypass File Reputation
Filtering and File Analysis.
Filtering and File Analysis.
skip_amp_scan:
if (attachment-filetype == 'pdf')
{
skip-ampcheck();
}
Bypass Outbreak Filter Scanning Action
The
skip-vofcheck
action instructs the system to allow the message to bypass the Outbreak Filters
scanning. This action does nothing to the message if Outbreak Filters scanning is not enabled.
The following example specifies that messages received on the listener “private_listener” should bypass
Outbreak Filter scanning.
Outbreak Filter scanning.
Add Message Tag Action
The
tag-message
action inserts a custom term into an outgoing message to use with RSA Email DLP
policy filtering. You can configure a RSA Email DLP policy to limit scanning to messages with the
message tag. The message tag is not visible to recipients. The tag name can contain any combination of
characters from the set
message tag. The message tag is not visible to recipients. The tag name can contain any combination of
characters from the set
[a-zA-Z0-9_-.]
.
For information on configuring a DLP policy to filter messages, see the “Data Loss Prevention” chapter.
The following example inserts a message tag into a message with “[Encrypt]” in the subject. You can
then create a DLP policy that will encrypt messages with this message tag before delivering them if
Cisco Email Encryption is available:
then create a DLP policy that will encrypt messages with this message tag before delivering them if
Cisco Email Encryption is available:
internal_mail_is_safe:
if (recv-listener == 'private_listener') Outbreak Filters
{
skip-vofcheck();
}
Tag_Message:
if (subject == '^\\[Encrypt\\]')
{
tag-message('Encrypt-And-Deliver');
}