Cisco Cisco Email Security Appliance C380 Mode D'Emploi
Chapter 11 Data Loss Prevention
11-366
Cisco IronPort AsyncOS 7.1 for Email Configuration Guide
OL-22158-02
•
Mergers and Acquisitions. Use a list of words or phrases to customize the
Mergers and Acquisitions Codenames classifier, but it is not required. You do
not need to use a regular expression. A match for the Mergers and
Acquisitions Codenames or Merger Keywords classifier is a DLP violation.
Mergers and Acquisitions Codenames classifier, but it is not required. You do
not need to use a regular expression. A match for the Mergers and
Acquisitions Codenames or Merger Keywords classifier is a DLP violation.
For information on how to create a regular expression, see
. For more information on how
content matching classifiers detect DLP violations, see
Filtering Messages for DLP Policies
You have the option of limiting a DLP policy to scanning only messages based on
specific information detected by AsyncOS. DLP policy scanning can be limited
by the following information:
specific information detected by AsyncOS. DLP policy scanning can be limited
by the following information:
•
Senders and recipients
•
Attachment types
•
Message tags
Filtering Senders and Recipients
You can limit the DLP policy to scan messages with specific recipients or senders
in one of the following ways:
in one of the following ways:
•
Full email address:
user@example.com
•
Partial email address:
user@
•
All users in a domain:
@example.com
•
All users in a partial domain:
@.example.com
You can separate multiple entries using a line break or a comma.
For an outgoing message, AsyncOS first matches the recipient or sender to an
outgoing mail policy. After the recipient or sender is matched, RSA Email DLP
then matches the sender or recipient to the DLP policies enabled for the mail
policy.
outgoing mail policy. After the recipient or sender is matched, RSA Email DLP
then matches the sender or recipient to the DLP policies enabled for the mail
policy.