Cisco Cisco Email Security Appliance C190 Guía Del Usuario
9-76
User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
Chapter 9 Using Message Filters to Enforce Email Policies
Message Filter Actions
Add Log Entry Action
The
log-entry
action inserts customized text into the Text Mail logs at the
INFO
level. The text can
include action variables. You can use this action to insert useful text for debugging purposes and
information on why a message filter performed a certain action. The log entry also appears in message
tracking.
information on why a message filter performed a certain action. The log entry also appears in message
tracking.
The following example inserts a log entry explaining that message was bounced because it possibly
contained confidential company information:
contained confidential company information:
URL Reputation Actions
Use the reputation score of URLs in messages to modify the URLs or their behavior. For important
details and examples, see
details and examples, see
No rule is needed with these actions.
In URL Reputation actions:
•
msg_filter_name
: is the name of this message filter.
•
min_score
and
max_score
are the minimum and maximum scores in the range for which the action
should apply. The applicable range includes the values that you specify.
Minimum and maximum scores must be between
-10.0
and
10.0
.
•
To specify an action when the reputation service does not provide a score, use the corresponding
"no-reputation" version of the action, as shown in the following subsections.
"no-reputation" version of the action, as shown in the following subsections.
•
whitelist
is the name of a defined URL list (via the
urllistconfig
command.) Specifying a
whitelist is optional.
•
In place of
Preserve_signed
, enter 0 or 1:
–
1 - Apply this action to unsigned messages only
–
0 - Apply this action to all messages
If you do not specify a
preserve_signed
value, the action is applied to unsigned messages only.
Related Topics
•
•
•
CompanyConfidential:
if (body-contains('Company Confidential'))
{
log-entry('Message may have contained confidential information.');
bounce();
}