Cisco Cisco Email Security Appliance X1070 Mode D'Emploi
C-8
User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
Appendix C Example of Mail Policies and Content Filters
Overview of Incoming Mail Policies
Step 2
On the anti-spam security service page, change the value for “Enable Anti-Spam Scanning for this
Policy” from “Use Default Settings” to “Use Anti-Spam service.”
Policy” from “Use Default Settings” to “Use Anti-Spam service.”
Choosing “Use Anti-Spam service” here allows you to override the settings defined in the default
policy.
policy.
Step 3
In the “Positively-Identified Spam Settings” section, change the “Apply This Action to Message” to
“Drop.”
“Drop.”
Step 4
In the “Suspected Spam Settings” section, click Yes to enable suspected spam scanning.
Step 5
In the “Suspected Spam Settings” section, change the “Apply This Action to Message” to “Spam
Quarantine.”
Quarantine.”
Note
Selecting the Spam quarantine forwards mail according to the settings defined in the Spam
Quarantine chapter.
Quarantine chapter.
Step 6
In the “Add text to subject” field, click None.
Messages delivered to the Spam quarantine will have no additional subject tagging.
Step 7
In the “Marketing Email Settings” section, click Yes to enable scanning for marketing mail from
legitimate sources.
legitimate sources.
Step 8
In the “Apply This Action to Message” section, select “Spam Quarantine.”
Step 9
Submit and commit your changes.
Not that the shading shows that the policy is using different settings than the default policy.
At this point, any message that is suspected spam and whose recipient matches the LDAP query defined
for the sales team policy will be delivered to the Spam Quarantine.
for the sales team policy will be delivered to the Spam Quarantine.
To edit the Outbreak Filter settings for the engineering team policy:
Procedure
Step 1
Click the link for the Outbreak Filters feature security service (the Outbreak Filters column) in the
engineering policy row.
engineering policy row.
Because the policy was just added, the link is named:
(use default)
.
Step 2
On the Outbreak Filters feature security service page, change the scanning setting for the policy to
“Enable Outbreak Filtering (Customize settings).”
“Enable Outbreak Filtering (Customize settings).”
Choosing “(Customize settings)” here allows you to override the settings defined in the default
policy.
policy.
Doing so will also enable the contents of the rest of the page to allow you to select different settings.
Step 3
In the “Bypass Attachment Scanning” section of the page, type
dwg
in the in the file extension field.
The file extension “
dwg
” is not in the list of known file type that the appliance can recognize by its
fingerprint when attachment scanning.
Note
You do not need to type the period (
.
) before the three letter filename extension.
Step 4
Click Add Extension to add
.dwg
files to the list of file extensions that will bypass Outbreak Filters
feature scanning.
Step 5
Click Enable Message Modification.