Mail Security lets you apply X-headers to the email messages that contain content filtering rule violations or are spam or suspected spam. Symantec Enterprise Vault™ uses the X-headers to search for and retrieve the messages that are archived in the vault. Enterprise Vault is a data warehouse that provides secure, centralized archiving and retrieval of information.
X-headers can only be applied to SMTP transported email messages. X-headers cannot be applied to messages that are scanned in the message store.
Mail Security provides default X-headers that are commonly used by Enterprise Vault. You can modify the default X-headers, or you can create your own. You can apply up to 25 X-headers for a single violation.
When a message triggers one or more violations and the disposition for any of the violations is to delete the message, no X-headers are applied. For example, a message is identified as spam, and the disposition is to reject the message. No X-header is applied to the message.
Table: How X-headers are applied for multiple violations describes how Mail Security handles multiple content filtering violations based on where the violations occur within the message.
Table: How X-headers are applied for multiple violations
Which X-headers are applied
Multiple violations in different parts of a message
Mail Security applies X-headers for each rule that is violated for each message part.
Message parts include:
A single message violates a content filtering rule for message body and a separate content filtering rule for subject. Mail Security applies the X-headers that you specify for the message body rule and the X-headers that you specify for the subject rule.
In this example, the message can have up to 50 X-headers applied to it. You can apply up to 25 X-headers for the message body violation and up to 25 X-headers for the subject violation.
Multiple violations for the same message part
When a message triggers multiple violations for the same message part, Mail Security applies only the X-headers that you specify for the first rule that is triggered.
A message triggers violations for two different attachment content rules. Mail Security only applies the X-headers for the first rule that was violated.