Hi,
unfortunately I couldn't find a solution to this, so hopefully you are able to help
In our ESA cluster (AsyncOS 14.2.2-004) we use dictionaries to quarantine mails e.g. by links contained in body or attachments.
The filter is a simple body-dictionary-match.
Recently we receive mails with links to bit.ly (which is not filtered), that are expanded by ESA to a URL that is in a dictionary.
Is there a way to also have these expanded URLs examined by the Content Filter?
(this is from message details, ohrmf.app.link would normally get filtered out)
Thanks in advance,
Amélie