View Categories

Process Policies

1 min read

Process Policies are assigned to managed objects (domains, networks, email objects) and contain several rules regarding how each email that matches the policy are processed. The priority, or which process policy “wins”, will determine which policy is applied. 

 

Required Spam Score #

If the combined spamassassin score is equal to or exceeds the spam score, it is treated as spam. 

 

Append Header #

You may add a custom header to each email that matches this policy. It must be in the format of name:value such as x-my-header: blue peanuts

 

Enable Quarantine #

If an email is considered spam or fails any other check such as file or MIME policies, it will be quarantined. If this option is disabled, the email is discarded. 

 

Allow Encrypted Email and Files #

Some file attachments will be password protected or encrypted. This is common among archive files such as .zip or .arj files. These types of files cannot be inspected, so if they contain a virus or malware payload, it can elude detection and be forwarded to the email user. An endpoint virus detection solution would be the only thing to detect malicious payloads once the file is opened.

Note that emails encrypted using PKI or PGP also fall under this category. 

*This setting is global. It can also be controlled on a per-user basis with the Portal server policy sets.

 

Allow Macros in Files #

Some documents contain macros that can perform malicious actions once opened. The virus scanner can detect most malicious macros, but not every one. For example, a zero-day (just created) macros could elude AV detection. 

Note that files inside of things like password protected zip files cannot be checked to see if they contain macros. 

*This setting is global. It can also be controlled on a per-user basis with the Portal server policy sets.

 

Spoof Protection #

This is a very basic check. It prevents external email from masquerading as one of your internal users. For example, you own example.com. Any email with a from address using example.com will be quarantined. 

If you have external sources such as billing systems that send email using your domain as the sender, turn this option off or create a Network with a different policy that has spoof protection disabled. 

If you also relay email outbound through Mailborder servers, you will need to create a Network policy and assign a separate Process Policy with spoof checks disabled.