There are times when the Threat Defense scanning with Symantec Content Analysis (CA) needs to be bypassed by the Symantec Messaging Gateway (SMG) in order to let certain files or emails through.
There are two approaches to bypass Threat Defense scans. A different solution may be needed based on the end goal.
The first approach is to use recipient groups on inbound mail. Create a Policy Group for the recipients who need to bypass Threat Defense Scanning.
Once a Policy Group is created, go to Administration > Policy Groups > [Your Policy] > Threat Defense. Here you can uncheck or modify the Threat Defense rules for this specific policy group.
The second approach is to create a custom content filter policy to bypass Threat Defense for specific users or specific attachments.
Create a new Content Filter by clicking the Content > Email > "Add"
Select the Blank Policy Template
Name the Policy and determine if the filter will be active on Inbound, Outbound or Inbound and outbound messages
Create a condition for which will trigger the Content Filter
This could be a string included in a file, a file type, certain text, domains, or any other possible condition
Set the action to "Bypass Threat Defense scanning"
Apply to the Policy Group you choose