Solved: Re: Notification for recipients if Message is quarantined (AMP) - Service Not Available, Unscannable

Default0815 · ‎03-22-2018

Hi,

we configured our system to quarantine a message if the AMP service is not available or it the message is unscannable.

But the Problem is, that the recipients does not get a notification about a quaranteined message.

How do i configure a Notification?

EDIT:

I changed the AMP behavior to:

1: Insert custom header for AMP Unscannable
2: Create incoming content filter to quarantine emails based on the header + Notify User.
3: Enable content filter on incoming mail policies.

Libin Varghese · ‎03-22-2018

Action for AMP unscannable can be taken based on the configuration steps you mentioned.

I was able to test it on a lab box by passing a password protected rar file.

Thu Mar 22 15:12:12 2018 Info: MID 765 AMP file reputation verdict : UNSCANNABLE

Thu Mar 22 15:12:12 2018 Info: MID 765 Custom Log Entry: AMP Unscannable

Attaching configuration screenshots for your reference.

Regards,

Libin Varghese

View solution in original post

Mathew Huynh · ‎03-22-2018

Hello Unblack,

That setup should work; where ESA unscannable and adding a custom header, with your content filter looking for this custom header to generate that notification.

May i ask if you could share the custom header setup you have, content filter configured and message tracking?

Feel free to sanitise the information so your confidential details are not disclosed here.

Thanks,

Matthew

Libin Varghese · ‎03-22-2018