Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1996
Views
5
Helpful
3
Replies

ignore specific text in outgoing emails and continue scanning

DavidBarnes29511
Level 1
Level 1

‎01-14-2021 07:17 AM

Working in a C170 ESA. AsyncOS 11.0.3-251. Many incoming emails have a disclaimer text added by the sender's email provider or security service. I need to be able to ignore this text because when we reply to the email, the disclaimer text quarantines the outgoing email. I tried adding the text as "exclude" in the DLP rule, but that did not work. I am guessing the disclaimer is a specific header that maybe I could tell the ESA to ignore? The main one causing the problem has a link in their disclaimer that has a character string that is on our list to quarantine.

Labels:
3 Replies 3

Libin Varghese
Cisco Employee
Cisco Employee

‎01-19-2021 02:48 AM

Specific sections of the email cannot be currently ignored from scanning, you would need to bypass scanning completely for such email if its a trusted sender.

 

Regards,

Libin

0 Helpful

DavidBarnes29511
Level 1
Level 1
In response to Libin Varghese

‎01-20-2021 11:36 AM

So I can scan an email for specific text and make it quarantine based on that text, but I can't scan for specific text and have it ignore that text? Basically if an email says "I like pizza" I can have a rule to quarantine it, but I can't tell the ESA to ignore that phrase completely?

0 Helpful

Libin Varghese
Cisco Employee
Cisco Employee

‎01-21-2021 07:57 AM

Filters can be used to look for a particular text and take action of bypassing other filters or quarantine/drop the email.

Filters cannot be used to look for a particular text and bypass scanning for certain section of the email while continuing scanning rest of the email.

 

Regards,

Libin

0 Helpful
Customers Also Viewed These Support Documents