Cisco Cisco Email Security Appliance C690 Guia Do Utilizador
4-15
Cisco IronPort AsyncOS 7.6 for Email Daily Management Guide
OL-25138-01
Chapter 4 Quarantines
Working with Messages in System Quarantines
Step 3
Click Search.
Step 4
The results (messages that match all of the specified criteria) are displayed.
You can use the search results in the same way you use the quarantine listings. The search results listing
also allows sorting by Scheduled Exit time. See
also allows sorting by Scheduled Exit time. See
for more
information.
Multi-User Access and System Quarantines
AsyncOS supports delegation of quarantine management by allowing you to specify users from the
Operators, Help Desk Users, and Guests groups, as well as users from custom user roles with quarantine
access privileges, to process messages within quarantines.
Operators, Help Desk Users, and Guests groups, as well as users from custom user roles with quarantine
access privileges, to process messages within quarantines.
For example:
•
the Human Resources team reviews and manages the Policy Quarantine
•
the Legal team manages the Confidential Material Quarantine
These users with access to a quarantine can search for messages in that quarantine and process (release
and/or delete) messages from that quarantine.
and/or delete) messages from that quarantine.
Configuring Multi-User Access
In order to add users to quarantines, the users must already exist. For more information about creating
users and user roles, see the
users and user roles, see the
and
.
Each user may have access to all, some, or none of the quarantines. A user that is not authorized to view
a quarantine will not see any record of its existence in the GUI or CLI listings of quarantines.
a quarantine will not see any record of its existence in the GUI or CLI listings of quarantines.
Multi-User Access and Messages in Multiple Quarantines
The policies governing messages that reside in multiple quarantines are “conservative” in that they do
not allow a message to be delivered from a quarantine, unless that message has been released from all
of the quarantines in which it resides.
not allow a message to be delivered from a quarantine, unless that message has been released from all
of the quarantines in which it resides.
When a message is present in multiple quarantines, releasing a message from a quarantine does not
necessarily cause that message to be delivered. It must first be released from all of the quarantines in
which it resides.
necessarily cause that message to be delivered. It must first be released from all of the quarantines in
which it resides.
If it has been deleted from any quarantine, the message will still be present in other quarantines.
Releasing the message at this point from any other quarantine will not cause the message to be delivered.
Releasing the message at this point from any other quarantine will not cause the message to be delivered.
Because a message can be in multiple quarantines, and a user wanting to release the message may not
have access to all of those quarantines, the following rules apply:
have access to all of those quarantines, the following rules apply:
•
A message is not released from any quarantine until it has been released from all of the quarantines
in which it resides.
in which it resides.
•
If a message is marked as Deleted in any quarantine, it is not deliverable from any other quarantine
in which it resides. It can still be released, but it will not be delivered.
in which it resides. It can still be released, but it will not be delivered.
So, if a message is queued in multiple quarantines and a user does not have access to one or more of the
other quarantines:
other quarantines:
•
The user will be informed whether the message is present in each of the quarantines to which the
user has access.
user has access.