Email Protection Administrator Guide Email Filtering Policies
November 2012 Proprietary: Not for use or disclosure outside McAfee without written permission 9
Based on the defined policy configuration, each email that violated the specified policy
can have any of the following actions taken, depending on the type of policy:
Action Description
Quarantine The email is added to the respective quara
ntine area and is not sent to
the recipient email address. If the email violated a spam policy, the
email is reported in the user’s Spam Quarantine Report.
Tag The subject line of the email has a descri
ptive phrase (for example,
“[SPAM]”) added to the beginning of the subject text and the email is
sent to the recipient email address.
Deny Delivery The email is blocked automatically. Depending on the sending system’s
co
nfiguration, the email sender may or may not be notified with a 5xx
Deny email.
Do Nothing or Allow
D
elivery
The email is forwarded to the recipient email address with no
processing applied. The values in the reports and the
Overview
window will be incremented for the relevant email policy to indicate
that an email did trigger the specific policy.
Silent Copy A copy of the email is forwarded to a list of designated email address
es
with no notification to the sender or recipient.
Strip Attachment If the email had an attachment that vi
olated configured policies, this
action causes that attachment to be removed from the email and the
email is be sent to the recipient email address. Text is inserted into the
email notifying the recipient that an attachment has been stripped. Only
the attachment that violated the policy is stripped.
Clean If the email had an attachment that
contained a virus or worm, this
action attempts to remove the virus or worm and preserve the
attachment. If the clean is successful, text is inserted into the email
notifying the recipient that an attachment had contained a virus and
was cleaned. If this action is selected, a second fall-back action also
must be designated in case the Clean action fails. This action is specific
to the virus filtering policies.
Custom X-Header If the email was determined to have a high or medium likelihood of
being
spam, you can configure that a custom X-header be inserted into
the email. This X-header can be used by your email servers to perform
additional actions within your network, such as redirecting the email.
Each spam likelihood can have a different custom X-header. This
action is specific to the spam filtering policies.
Disable Filter A non-administrator user cannot disable virus filtering if it is licensed
and enabled
for a specific Domain or policy set. Only Administrators
can enable or disable virus filtering for a specific Domain or policy set.
You can designate that Email Protection first attempts to remove the
virus
from an infected attachment, and if the clean fails, perform
another action. You can designate that only the infected attachment is
stripped. and the remaining email contents and attachments are sent to
the recipient.