Table: How to create content filtering policies describes the process to create a content filtering policy.
Table: How to create content filtering policies
Configure the resources that you want to use in your policy so that they are available when you are ready to create the policy.
Select the template that you want to use for your policy.
You can use a Structured Data policy template, a Described Content policy template, or a blank template.
Define the policy.
Specify a name for your policy and whether to track violations on the dashboard or in reports.
Create the content filtering policy conditions.
Conditions are based on the content of messages. Conditions can specify whether they apply to inbound messages, outbound messages, or both. They can indicate that a violation occurs either when all conditions are met, any condition is met, or a combination of conditions are met.
Conditions can apply to specific areas of the message. They can contain keywords and regular expressions. And you can use specific content filtering resources to create conditions (such as dictionaries, patterns, or records).
Configure the policy actions.
Specify the actions that you want Symantec Brightmail Gateway to take if the policy is violated.
Select the groups for which the policy applies.
Specify the order that you want the policy evaluated.
Policies are evaluated in the order that you specify. The same message can violate more than one policy. Depending on the higher-precedence policy action, the actions for the lower-precedence policy may not apply.
For example, assume that you have a higher-precedence policy whose action is to delete a message. Also assume that you have a lower-precedence policy whose action is to quarantine the message. If a message triggers both policies, Symantec Brightmail Gateway deletes the message, which is the action for the higher-precedence policy. However, since the message is deleted, it cannot be quarantined as specified in the action for the lower-precedence policy.