Cisco Cisco Email Security Appliance C160 Mode D'Emploi

Depending on your requirements, perform the following actions on messages:

Delete

Release

Delay Scheduled Exit from quarantine

Send a copy of messages to email addresses that you specify

For information about the centralized File Analysis quarantine, see 

. 

You can use X-Headers to mark messages with actions and results of message processing steps. You tag 
messages with X-Headers in mail policies, then use content filters to choose handling options and final 
actions for these messages. 

Values are case-sensitive. 

To send notifications to end users when a suspect attachment or its parent message has been dropped 
based on file reputation scanning, use an X-header or Custom Header and Content Filters.

If you use centralized management, you can enable Advanced Malware Protection and mail policies at 
the cluster, group and machine level. 

Feature keys must be added at the machine level. 

X-Amp-Result Clean

Malicious

Unscannable

Verdict applied to messages processed by the 
file reputation service. 

X-Amp-Original-Verdict

file unknown

verdict unknown

Verdict before adjustment based on reputation 
threshold. This header exists only if the 
original verdict is one of the possible values. 

X-Amp-File-Uploaded

true

false

If any file attached to a message was sent for 
analysis, this header is "true."