06-21-2013 01:49 PM
Is there a log on the ironport system that will report the affending word in an email caught in the profanity filter?
08-09-2013 03:35 PM
I haven't used the technology myself, but it looks as if you want the Add Log Entry action with the $MatchedContent variable.
If you are routinely running the logs through a utility like grep*, it might be an idea to add a few more variables like $MID and a token word "SPECIALRULE" to allow you to easily extract and process the hits.
Depending on your throughput, this may have some impact on your log file cycle rate.
* this assumes an external device; whilst far from useless, the CLI grep is quite tame compared to what's possible with a less limited shell.
08-19-2013 05:36 AM
In case you are using a filter to move the offending message to a Policy Quarantine, you can also simply check that message in the quarantine, above the content there will also be a line showing which part was matching.
Hope that helps,
Andreas
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide