About content filtering


Article ID: 181320


Updated On:


Mail Security for Microsoft Exchange




Mail Security can filter messages and their attachments using the following features:

Content filtering rules

Content filtering rules filter messages and their attachments for the specific content that you specify (for example, offensive language or sensitive information).

Mail Security lets you create the content filtering rules that apply to SMTP inbound and SMTP outbound mail and the Exchange Information Store.

Mail Security can scan for content within the following message parts: message body, subject, sender, attachment name, and attachment content.

You can use the default content filtering rules that Mail Security provides or you can create your own rules. You can individually enable and disable each rule. Mail Security takes the action that you specify in the rule when it detects a violation.

See About creating a content filtering rule.

See About default content filtering rules.

File filtering rules

Mail Security lets you use file filtering rules to filter messages based on attached file names or file types such as multimedia or executable files.

Mail Security uses file filtering rules to enforce email attachment policies.

Mail Security provides the following predefined file filtering rules:

  • File Name Rule

    Blocks the attachments based on the file name that you specify

  • Multimedia File Rule

    Blocks the specific multimedia file attachments

  • Executable File Rule

    Blocks the specific executable file attachments

You can customize the File Name Rule by associating it with a match list to block attachments with specific names included in the match list.

Mail Security handles file filtering violations according to the action that you configure for the rule. Mail Security can notify administrator and senders (internal and external) of file filtering violations. You can customize the notification message.

See About enforcing email attachment policies.

Match lists

Mail Security uses match lists to filter email messages and attachments for specific words and phrases. To implement a match list, you must associate it with a content or file filtering rule. When the rule is enabled, Mail Security scans for the criteria that you specify in the rule, including the words and phrases that are in the associated match list

Mail Security provides preconfigured match lists for use with the File Name Rule or with content filtering rules. You can create new match lists and delete or edit words in an existing match list. Match lists support literal strings, DOS wildcard-style expressions, or regular expressions.

See About match lists.

See About regular expressions.

See About DOS wildcard style expressions.

You can also use match lists to help manage outbreaks. You can configure Mail Security to automatically add the names of outbreak-triggered attachments and outbreak-triggered subject text to match lists. Mail Security uses these match lists with content or file filtering rules to automatically block suspicious file attachments or subjects.

See About outbreak management.

You can specify the action that you want Mail Security to take when it detects a content filtering rule or file filtering rule violation. You can also configure Mail Security to notify the administrator and senders (internal and external) of a violation with a message that you can customize.