Actions you can take on detections
For each scanner and filter settings in a policy, you can specify a primary and secondary action to take on a detection. You can specify what happens to an email message or its attachment, when it triggers a detection.
When a policy rule is triggered based on the scanner or filter settings, MSME acts on the detection based on the primary and secondary action configured.
When configuring actions, at least one primary action must be selected. You can also select a number of secondary actions. For example, if the primary action is deleting the email that triggers a detection, the secondary action might be logging the detection and notifying the administrator.
The available primary actions depend on the type of policy category and scanner or filter settings you configure.
Click Reset, to restore the actions to default settings for the policy category and scanner. |
Action | Definition |
---|---|
Attempt to clean any detected virus or trojan | To clean the email containing a virus or trojan detected by the Anti-Virus Scanner. |
Replace item with an alert | To replace the email that triggered the detection with an alert. |
Delete embedded item | To delete the attachment that triggered the detection in an email. |
Delete message | To delete the email that triggered the detection. |
Allow through | To allow the email to continue to the next scanning phase or reach the end user. |
Score-based action | To take an action based on the spam score. This is available only for the Anti-Spam scanner, where you must select If the spam score is High, Medium or Low. |
Route to System Junk Folder | To route the email detected by the Anti-Spam scanner to the email address specified under . |
Route to User Junk Folder | To route the email detected by the Anti-Spam scanner to the recipient's Junk E-mail folder. |
Reject the Message | To reject the email and send a notification to the user. |
Replace the attachment with an alert | To replace the attachment in an email message with an alert, if the Mail Size Filtering scanner is triggered when the attachment size exceeds. |
Replace all attachments with a single alert | To replace the email message containing multiple attachments with a single alert, if the Mail Size Filtering scanner is triggered when the attachment count exceeds. |
Do not allow changes to break the signature | To stop MSME from breaking the signature, when an email message containing Signed Content is detected. |
Allow changes to break the signature | To allow MSME to break the signature, when an email message containing Signed Content is detected. |
Action | Definition | ||
---|---|---|---|
Log | To record the detection in a log. | ||
Quarantine | To store a copy of the email that triggered the detection, in the quarantine database. To view all quarantined items, go to
Select
Forward Quarantined email to send the email to a specific reviewer or distribution list, based on the detection category. To configure notifications based on the detection category, go to
.
|
or the specific detection category.
||
Notify administrator | To send a copy of the email to the administrator specified under Administrator E-mail from . | ||
Notify internal sender | To send an alert message to the internal sender, if the original email originates within the Exchange server's Authoritative Domain. | ||
Notify external sender | To send an alert message to the sender, if the original email message does not originate within the Exchange server's Authoritative Domain. | ||
Notify internal recipient | To send an alert message to the recipient, if the recipient is within the Exchange server's Authoritative Domain. | ||
Notify external recipient | To send an alert message to the recipient, if the recipient is not within the Exchange server's Authoritative Domain. |