Cisco Cisco Email Security Appliance C170 Guia Do Utilizador

The following example shows an 

spf-passed

 rule used to quarantine emails that are not marked as 

spf-passed:

Unlike the 

spf-status 

rule, the 

spf-passed

 rule reduces the SPF/SIDF verification values to a simple 

Boolean. The following verification results are treated as not passed in the 

spf-passed

 rule: None, 

Neutral, Softfail, TempError, PermError, and Fail. To perform actions on messages based on more 
granular results, use the 

spf-status

 rule. 

The S/MIME Gateway Message rule checks if a message is S/MIME signed, encrypted, or signed and 
encrypted. The following message filter checks if the message is an S/MIME message and quarantines 
it if the verification or decryption using S/MIME fails.

quarantine_smime_messages:

if (smime-gateway-message and not smime-gateway-verified) {

quarantine("Policy"); 

}

For more information, see 

The S/MIME Gateway Message Verified rule checks if a message is successfully verified, decrypted, or 
decrypted and verified. The following message filter checks if the message is an S/MIME message and 
quarantines it if the verification or decryption using S/MIME fails.

quarantine_smime_messages:

if (smime-gateway-message and not smime-gateway-verified) {

quarantine("Policy"); 

}

For more information, see 

The 

workqueue-count

 rule checks the workqueue-count against a specified value. All the comparison 

operators are allowed, such as 

>

, 

==

, 

<=,

 and so forth. 

         insert-header("Subject", "[POTENTIAL PHISHING] $Subject"); }

.

quarantine-spf-unauthorized-mail:

    if (not spf-passed) {

        quarantine("Policy");

    }