User Guide
10-4
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 10 Mail Policies
Matching Users to a Mail Policy
First Match Wins
Each user (sender or recipient) is evaluated for each mail policy defined the appropriate mail policy table
in a top-down fashion.
For each user, the first matching policy wins. If a user does not match any specific policy, user will
automatically match the default policy of the table.
If a match is made based on a sender address, all remaining recipients of a message will match that
policy. (This is because there can be only one sender per message.)
Examples of Policy Matching
The following examples help show how the policy tables are matched in a top-down fashion.
Given the following Incoming Mail Email Security Policy table shown in Table 10-1, incoming
messages will match different policies.
Related Topics
• Example 1, page 10-4
• Example 2, page 10-4
• Example 3, page 10-5
Example 1
A message from sender bill@lawfirm.com sent to recipient jim@example.com will match policy #2,
because the user description matches the sender (
@lawfirm.com) and the recipient (ANY).
Example 2
Sender joe@yahoo.com sends an incoming message with three recipients: john@example.com,
jane@newdomain.com, and bill@example.com:
Table 10-1 Policy Matching Example
Order Policy Name
Users
Sender Recipient
1 special_people ANY
joe@example.com
ann@example.com
2 from_lawyers @lawfirm.com ANY
3 acquired_domains ANY @newdomain.com
@anotherexample.com
4 engineering ANY PublicLDAP.ldapgroup:
engineers
5 sales_team ANY jim@
john@
larry@
Default Policy ANY ANY