Cisco Cisco Email Security Appliance X1070 Mode D'Emploi
6-4
Cisco IronPort AsyncOS 7.6 for Email Configuration Guide
OL-25136-01
Chapter 6 Email Security Manager
Given the following Incoming Mail Email Security Policy table shown in
, incoming messages
will match different policies.
Example 1
A message from sender
bill@lawfirm.com
sent to recipient
jim@example.com
will match policy #2,
because the user description that matches the sender (
@lawfirm.com
) appears sooner in the table than the
user description that matches the recipient (
jim@
).
Example 2
Sender
joe@yahoo.com
sends an incoming message with three recipients:
john@example.com
,
jane@newdomain.com
, and
bill@example.com
. The message for recipient
jane@newdomain.com
will
receive the anti-spam, anti-virus, outbreak filters, and content filters defined in policy #3, while the
message for recipient
message for recipient
john@example.com
will receive the settings defined in policy #5. Because the
recipient
bill@example.com
does not match the engineering LDAP query, the message will receive the
settings defined by the default policy. This example shows how messages with multiple recipients can
incur message splintering. See
incur message splintering. See
for more information.
Example 3
Sender
bill@lawfirm.com
sends a message to recipients
ann@example.com
and
larry@example.com
.
The recipient
ann@example.com
will receive the anti-spam, anti-virus, outbreak filters, and content filters
defined in policy #1, and the recipient
larry@example.com
will receive the anti-spam, anti-virus,
outbreak filters, and content filters defined in policy #2, because the sender (
@lawfirm.com
) appears
sooner in the table than the user description that matches the recipient (
jim@
).
Message Splintering
Intelligent message splintering (by matching policy) is the mechanism that allows for differing
recipient-based policies to be applied independently to message with multiple recipients.
recipient-based policies to be applied independently to message with multiple recipients.
Each recipient is evaluated for each policy in the appropriate Email Security Manager table (incoming
or outgoing) in a top-down fashion.
or outgoing) in a top-down fashion.
Each policy that matches a message creates a new message with those recipients. This process is defined
as message splintering:
as message splintering:
Table 6-1
Policy Matching Example
Order
Policy Name
Users
1
special_people
Recipient:
joe@example.com
Recipient:
ann@example.com
2
from_lawyers
Sender:
@lawfirm.com
3
acquired_domains
Recipient:
@newdomain.com
Recipient:
@anotherexample.com
4
engineering
Recipient:
PublicLDAP.ldapgroup: engineers
5
sales_team
Recipient:
jim@
Recipient:
john@
Recipient:
larry@
Default Policy
(all users)