Manualshelf

User Guide

ManualsBrandsCisco Manualsantivirus security softwareCisco Email Security Appliance C680
271272273274275276277278279280
9-105
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 9 Using Message Filters to Enforce Email Policies
Message Filter Examples
Cisco appliances are not susceptible to these third party relay hacks that are often used to exploit
traditional Sendmail/Qmail systems. As many of these symbols (for example
%) can be part of a perfectly
legal email address, Cisco appliances will accept these as valid addresses, verify them against the
configured recipient lists, and pass them on to the next internal server. Cisco appliances do not relay
these messages to the world.
These filters are put in place to protect users who may have open-source MTAs that are misconfigured
to allow relay of these types of messages.
Note You can also configure a listener to handle these types of addresses. See Listening for Connection
Requests by Creating a Listener via the GUI, page 5-8 for more information.
Policy Enforcement Filters
Notify Based on Subject Filter, page 9-105
BCC and Scan Mail Sent to Competitors, page 9-106
Block Specific User Filter, page 9-106
Archive and Drop Messages Filter, page 9-106
Large “To:” Header Filter, page 9-106
Blank “From:” Filter, page 9-107
SRBS Filter, page 9-107
Alter SRBS Filter, page 9-108
Filename Regex Filter, page 9-108
Show SenderBase Reputation Score in Header Filter, page 9-108
Insert Policy into Header Filter, page 9-108
Too Many Recipients Bounce Filter, page 9-109
Notify Based on Subject Filter
This filter sends notification based on whether the subject contains specific words:
search_for_sensitive_content:
if (Subject == "(?i)plaintiff|lawsuit|judge" ) {
notify ("admin@company.com");
}