McAfee SMEFCE-AI-DA Administration Guide - Page 17

Quarantine, Deny Delivery, Do Nothing or Allow, Delivery, Silent Copy, Strip Attachment, Clean

Get McAfee SMEFCE-AI-DA - Email Security Service Inbound PDF manuals and user guides View all McAfee SMEFCE-AI-DA manuals
Add to My Manuals
Save this manual to your list of manuals

Page 17 highlights

Email Protection Administrator Guide Email Filtering Policies Based on the defined policy configuration, each email that violated the specified policy can have any of the following actions taken, depending on the type of policy: Action Quarantine Tag Deny Delivery Do Nothing or Allow Delivery Silent Copy Strip Attachment Clean Custom X-Header Disable Filter Description The email is added to the respective quarantine area and is not sent to the recipient email address. If the email violated a spam policy, the email is reported in the user's Spam Quarantine Report. The subject line of the email has a descriptive phrase (for example, "[SPAM]") added to the beginning of the subject text and the email is sent to the recipient email address. The email is blocked automatically. Depending on the sending system's configuration, the email sender may or may not be notified with a 5xx Deny email. The email is forwarded to the recipient email address with no processing applied. The values in the reports and the Overview window will be incremented for the relevant email policy to indicate that an email did trigger the specific policy. A copy of the email is forwarded to a list of designated email addresses with no notification to the sender or recipient. If the email had an attachment that violated configured policies, this action causes that attachment to be removed from the email and the email is be sent to the recipient email address. Text is inserted into the email notifying the recipient that an attachment has been stripped. Only the attachment that violated the policy is stripped. If the email had an attachment that contained a virus or worm, this action attempts to remove the virus or worm and preserve the attachment. If the clean is successful, text is inserted into the email notifying the recipient that an attachment had contained a virus and was cleaned. If this action is selected, a second fall-back action also must be designated in case the Clean action fails. This action is specific to the virus filtering policies. If the email was determined to have a high or medium likelihood of being spam, you can configure that a custom X-header be inserted into the email. This X-header can be used by your email servers to perform additional actions within your network, such as redirecting the email. Each spam likelihood can have a different custom X-header. This action is specific to the spam filtering policies. A non-administrator user cannot disable virus filtering if it is licensed and enabled for a specific Domain or policy set. Only Administrators can enable or disable virus filtering for a specific Domain or policy set. You can designate that Email Protection first attempts to remove the virus from an infected attachment, and if the clean fails, perform another action. You can designate that only the infected attachment is stripped. and the remaining email contents and attachments are sent to the recipient. November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission 9

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
  • 109
  • 110
  • 111
  • 112
  • 113
  • 114
  • 115
  • 116
  • 117
  • 118
  • 119
  • 120
  • 121
  • 122
  • 123
  • 124
  • 125
  • 126
  • 127
  • 128
  • 129
  • 130
  • 131
  • 132
  • 133
  • 134
  • 135
  • 136
  • 137
  • 138
  • 139
  • 140
  • 141
  • 142
  • 143
  • 144
  • 145
  • 146
  • 147
  • 148
  • 149
  • 150
  • 151
  • 152
  • 153
  • 154
  • 155
  • 156
  • 157
  • 158
  • 159
  • 160
  • 161
  • 162
  • 163
  • 164
  • 165
  • 166
  • 167
  • 168
Email Protection Administrator Guide
Email Filtering Policies
November 2012
Proprietary:
Not for use or disclosure outside McAfee without written permission
9
Based on the defined policy configuration, each email that violated the specified policy
can have any of the following actions taken, depending on the type of policy:
Action
Description
Quarantine
The email is added to the respective quarantine area and is not sent to
the recipient email address. If the email violated a spam policy, the
email is reported in the user’s Spam Quarantine Report.
Tag
The subject line of the email has a descriptive phrase (for example,
“[SPAM]”) added to the beginning of the subject text and the email is
sent to the recipient email address.
Deny Delivery
The email is blocked automatically. Depending on the sending system’s
configuration, the email sender may or may not be notified with a 5xx
Deny email.
Do Nothing or Allow
Delivery
The email is forwarded to the recipient email address with no
processing applied. The values in the reports and the
Overview
window will be incremented for the relevant email policy to indicate
that an email did trigger the specific policy.
Silent Copy
A copy of the email is forwarded to a list of designated email addresses
with no notification to the sender or recipient.
Strip Attachment
If the email had an attachment that violated configured policies, this
action causes that attachment to be removed from the email and the
email is be sent to the recipient email address. Text is inserted into the
email notifying the recipient that an attachment has been stripped. Only
the attachment that violated the policy is stripped.
Clean
If the email had an attachment that contained a virus or worm, this
action attempts to remove the virus or worm and preserve the
attachment. If the clean is successful, text is inserted into the email
notifying the recipient that an attachment had contained a virus and
was cleaned. If this action is selected, a second
fall-back
action also
must be designated in case the Clean action fails. This action is specific
to the virus filtering policies.
Custom X-Header
If the email was determined to have a high or medium likelihood of
being spam, you can configure that a custom X-header be inserted into
the email. This X-header can be used by your email servers to perform
additional actions within your network, such as redirecting the email.
Each spam likelihood can have a different custom X-header. This
action is specific to the spam filtering policies.
Disable Filter
A non-administrator user cannot disable virus filtering if it is licensed
and enabled for a specific Domain or policy set. Only Administrators
can enable or disable virus filtering for a specific Domain or policy set.
You can designate that Email Protection first attempts to remove the
virus from an infected attachment, and if the clean fails, perform
another action. You can designate that only the infected attachment is
stripped. and the remaining email contents and attachments are sent to
the recipient.