Cisco Cisco Email Security Appliance C170 Guia Do Utilizador

6-195

Cisco IronPort AsyncOS 7.1 for Email Configuration Guide

OL-22158-02

Chapter 6 Email Security Manager

Note

Email DLP scanning is only available for outgoing messages.

Table 6-2

Message Splintering in the Email Pipeline

Note

New MIDs (message IDs) are created for each message splinter (for example,
MID 1 becomes MID 2 and MID 3). For more information, see the “Logging”
chapter in the Cisco IronPort AsyncOS for Email Daily Management Guide. In
addition, the trace function shows which policies cause a message to be split.

Policy matching and message splintering in Email Security Manager policies
obviously affect how you manage the message processing available on the
appliance.

Managed Exceptions

Because the iterative processing of each splinter message impacts performance,
IronPort recommends using the Incoming and Outgoing Mail Policies tables of
Email Security Manager to configure policies on a managed exception basis. In

rk Qu

eue

Message Filters

(filters)

↓

message for all recipients

Anti-Spam

(antispamconfig,

listenerconfig -> antispam)

il Secu

rity

ana

r Sc

nin

Messages are splintered immediately after
message filter processing but before
anti-spam processing:

message for all recipients

matching policy 1

message for all recipients

matching policy 2

message for all other recipients

(matching the default policy)

Anti-Virus

(antivirusconfig,

antivirusupdate

listenerconfig -> antivirus)

Content Filters

(policyconfig -> filters)

Virus Outbreak Filters

(vofconfig, vofflush, vofstatus)

Data Loss Prevention

(policyconfig)