Руководство Пользователя для Cisco Cisco Email Security Appliance C170

White space is not ignored in the Message Subject field. Add spaces after (if 
prepending) or before (if appending) the text you enter in this field to separate 
your added text from the original subject of the message. For example, add the 
text 

[MODIFIED FOR PROTECTION]

 with a few trailing spaces if you are prepending.

The Message Subject field only accepts US-ASCII characters.

If the message’s threat level exceeds the message modification threshold, the 
Outbreak Filters feature rewrites all URLs in the message to redirect the user to 
the Cisco web security proxy’s splash page if they click on any of them. (See 

 for more information.) If the message’s threat level 

exceeds the quarantine threshold, the appliance also quarantines the message. If a 
small scale, non-viral outbreak is in progress, quarantining the message gives 
TOC time to analyze any suspect websites linked from possible outbreak 
messages and determine whether the websites are malicious. CASE uses updated 
Outbreak Rules from SIO to rescan the message to determine if it is part of the 
outbreak. After the retention period expires, the appliance releases the message 
from the quarantine.

AsyncOS rewrites all of the URLs inside a message except for the ones pointing 
to bypassed domains.

The following options are available for URL rewriting:

Enable only for unsigned messages. This option allows AsyncOS to rewrite 
URLs in unsigned messages that meet or exceed the message modification 
threshold, but not signed messages. Cisco recommends using this setting for 
URL rewriting.

The Email Security appliance may rewrite URLs in a 
DomainKeys/DKIM-signed message and invalidate the message’s 
signature if a server or appliance on your network other than the Email 
Security appliance is responsible for verifying the DomainKeys/DKIM 
signature.