Message Filters

Pravar · ‎05-10-2016

Hi

Trying to configure a message filter for the following condition and action

1) If receiving listener is "Incoming Mail" and Remote IP (remote-ip) is x.x.x.x or y.y.y.y AND mail from a specific sender

2) Quarantine the duplicate copy of the message

if recv-listener == "IncomingMail" {
                                       if ((remote-ip == "x.x.x.x") OR
(remote-ip == "y.y.y.y")) AND (mail-from == "^deltaecho@ab\\.xy$")
OR (mail-from == "^kilogram@abc\\.net\\.fe$") {
                                           duplicate-quarantine("test");
                                       }
                                   }

However, when I check the filter through "Trace" feature in ESA, the filter is not applying though the sender IP is x.x.x.x

The ESA C670 OS version is 9.7.1-066

Am I missing anything here? Appreciate your thoughts.

Regards

Mathew Huynh · ‎05-12-2016

Hello Deiva,

I ran this filter and it worked as expected on my lab environment with an actual test of sending an email through to match and not match the conditions.

Trace however does not function properly for remote ip rule when I was doing some testing.

Filtername:
if (recv-listener =="IncomingMail") AND (mail-from =="(?i)(deltaecho@ab\\.xy|kilogram@abc\\.net\\.fe)")
{
if (remote-ip =="x.x.x.x") or (remote-ip =="y.y.y.y")
{
duplicate-quarantine("test");
}
}
.

Regards,

Matthew