About Rule Scanning Criteria

Rule scanning criteria allow you to specify the conditions that the rule applies to messages scanned by Trend Micro Email Security.

The available criteria are shown in a list in the center of the screen. Some of these criteria have links to screens where you specify the associated details.

Table 1. Basic Criteria


Filter Based on

Available in

Virus Scan > Virus Policy

"Specify at least one detection type"

Detected malware, worms, and other threats by pattern-based scanning.

Inbound and outbound protection

"Specify Predictive Machine Learning settings"

Detected unknown threats by Predictive Machine Learning.

Inbound protection

"Specify advanced settings"

Detected threats by the Advanced Threat Scan Engine.

Inbound protection

Spam Filtering > Spam Policy

" Spam "

Detected spam.

Inbound and outbound protection

"Business Email Compromise (BEC)"

Detected BEC attacks.

Inbound protection

" Phishing and other suspicious content "

Detected phishing and other suspicious content.

Inbound and outbound protection

" Graymail "

Detected graymail messages.

Inbound protection

"Web reputation"

Detected URLs on the web or embedded in email messages that pose security risks.

Inbound and outbound protection

" Social engineering attack "

Detected social engineering attacks.

Inbound protection

Content Filtering

No criteria

All messages.

Inbound and outbound protection

" All Match "

" Any Match "

Specific attribute and content targets.

See Configuring Advanced Criteria.

Inbound and outbound protection

Data Loss Prevention (DLP) > DLP Policy

" Select fields to scan "

" Selected Templates "

Detected DLP incidents.

Outbound protection