Cisco Cisco Email Security Appliance C160 Mode D'Emploi

In these examples, AsyncOS inserts headers when the attachments contain specified content. 

In the following example, all of the attachments on the message are scanned for a keyword. If the 
keyword is present in all of the attachments, a custom X-Header is inserted:

In the following example, the attachment is scanned for a pattern in the binary data. The filter uses the 

attachment-binary-contains

 filter rule to search for a pattern that indicates that the PDF document is 

encrypted. If the pattern is present in the binary data, a custom header is inserted:

In the following example, the “executable” group of attachments (

.exe

, 

.dll

, and 

.scr

) is stripped from 

messages and text is added to the message, listing the filenames of the dropped files (using the 

$dropped_filename 

action variable). Note that the 

drop-attachments-by-filetype

 action examines 

attachments and strips them based on the fingerprint of the file, and not just the three-letter filename 
extension. Note also that you can specify a single file type (“mpeg”) or you can refer to all of the 
members of the file type (“Media”):

attach_disclaim:

    if (every-attachment-contains('[dD]isclaimer') ) {

        insert-header("X-Example-Approval", "AttachOK");

    }

match_PDF_Encrypt:

if (attachment-filetype == 'pdf' AND

attachment-binary-contains('/Encrypt')){

strip-header (‘Subject’);

insert-header (‘Subject’, ‘[Encrypted] $Subject’);

}

strip_all_exes: if (true) {

                    drop-attachments-by-filetype ('Executable', “Removed attachment: 

$dropped_filename”);

                }