Cisco Cisco Email Security Appliance X1070 Guía Del Usuario
22-16
User Guide for AsyncOS 9.7 for Cisco Email Security Appliances
Chapter 22 Text Resources
Using Text Resources
To use message filter action variables in disclaimers, create a message disclaimer (via the Text Resource
page in the GUI or the
page in the GUI or the
textconfig
command), and reference the variable:
The
add-footer()
action supports non-ASCII text by adding the footer as an inline, UTF-8 coded,
quoted printable attachment.
Disclaimer Stamping and Multiple Encodings
AsyncOS includes a setting used to modify the way disclaimer stamping with different character
encodings works. By default, AsyncOS attempts to place the disclaimers it attaches within the body part
of an email message. You can use a setting configured within the
encodings works. By default, AsyncOS attempts to place the disclaimers it attaches within the body part
of an email message. You can use a setting configured within the
localeconfig
command to configure
the behavior if the encodings of the body part and the disclaimer are different. To understand this setting,
it is helpful to view an email message as consisting of several parts:
it is helpful to view an email message as consisting of several parts:
$MatchedContent
Returns the content that triggered a scanning filter rule (including
filter rules such as
filter rules such as
body-contains
and content dictionaries).
$DLPPolicy
Replaced by the name of the email DLP policy violated.
$DLPSeverity
Replaced by the severity of violation. Can be “Low,” “Medium,”
“High,” or “Critical.”
“High,” or “Critical.”
$DLPRiskFactor
Replaced by the risk factor of the message’s sensitive material
(score 0 - 100).
(score 0 - 100).
$threat_category
Replaced with the type of Outbreak Filters threat, such as
phishing, virus, scam, or malware.
phishing, virus, scam, or malware.
$threat_type
Replaced by a subcategory of the Outbreak Filters threat
category. For example, can be a charity scam, a financial phishing
attempt, a fake deal, etc.
category. For example, can be a charity scam, a financial phishing
attempt, a fake deal, etc.
$threat_description
Replaced by a description of the Outbreak Filters threat.
$threat_level
Replaced by the message’s threat level (score 0 - 5).
$threat_verdict
Replaced by Yes or No, depending on the Message Modification
Threat Level threshold. If the viral or non-viral threat level of a
message is greater than or equal to the message modification
threat level threshold, the value of this variable is set to Yes.
Threat Level threshold. If the viral or non-viral threat level of a
message is greater than or equal to the message modification
threat level threshold, the value of this variable is set to Yes.
Table 22-3
Anti-Virus Notification Variables (continued)
Variable Substituted
With
To: joe@example.com
From: mary@example.com
Subject: Hi!
Headers
<blank line>
Hello!
Body part
This message has been scanned...
First attachment part
Example.zip
Second attachment part