Cisco Cisco Email Security Appliance C160 Mode D'Emploi

 illustrates the Email Security Manager in the GUI that maps users 

defined in a policy to specific Anti-Spam, Anti-Virus, Outbreak Filter, DLP, and 
Content Filters settings. 

Email Security Manager policies allow you to create content filters to be applied 
to messages on a per-recipient or per-sender basis. Content filters are similar to 
message filters, except that they are applied later in the email pipeline — after a 
message has been “splintered” into a number of separate messages for each 
matching Email Security Manager policy. The functionality of content filters is 
applied after message filters processing and anti-spam and anti-virus scanning 
have been performed on a message. 

Like regular message filters, you define a name for each content filter. The name 
must be unique to the Incoming or Outgoing Mail Policies table in which it will 
be used. Each Incoming and Outgoing Mail Policies table will have its own, 
singular “master list” of content filters. The order is defined on a per-table basis 
(for incoming or outgoing). However, each individual policy determines which 
particular filters will be executed.