Views:
Cloud Email Gateway Protection comes with a set of default policy rules at the organization level and domain level, as listed in the following tables.

Default Organization-Level Rules

Policy Rule Type
Inbound Rules
Outbound Rules
Virus scan
{{License account name}}: Organization: Virus
  • {{License account name}}: Organization: Global Outbound Policy (Virus)
    Note
    Note
    This rule is not editable.
  • {{License account name}}: Organization: Outbound - Virus
Spam filtering
  • {{License account name}}: Organization: Spam or Phish
  • {{License account name}}: Organization: Newsletter or spam-like
  • {{License account name}}: Organization: Probable BEC threat
  • {{License account name}}: Organization: Writing style BEC threat
  • {{License account name}}: Organization: Global Outbound Policy (Spam or Phish)
    Note
    Note
    This rule is not editable.
  • {{License account name}}: Organization: Outbound - Spam or Phish
Correlated Intelligence
  • {{License account name}}: Organization: Correlated Intelligence Security Risks
  • {{License account name}}: Organization: Correlated Intelligence Anomalies
Not applicable
Content filtering
  • {{License account name}}: Organization: High-risk attachment
  • {{License account name}}: Organization: Exceeding msg size or # of recipients
  • {{License account name}}: Organization: Password protected
  • {{License account name}}: Organization: Outbound - High-risk attachment
  • {{License account name}}: Organization: Outbound - Exceeding msg size or # of recipients

Default Domain-Level Rules

Policy Type
Inbound Rules
Outbound Rules
Virus scan
{{License account name}}: {{Domain name}}: Virus
{{License account name}}: {{Domain name}}: Outbound - Virus
Spam filtering
  • {{License account name}}: {{Domain name}}: Spam or Phish
  • {{License account name}}: {{Domain name}}: Newsletter or spam-like
  • {{License account name}}: {{Domain name}}: Probable BEC threat
  • {{License account name}}: {{Domain name}}: Writing style BEC threat
{{License account name}}: {{Domain name}}: Outbound - Spam or Phish
Correlated Intelligence
  • {{License account name}}: {{Domain name}}: Correlated Intelligence Security Risks
  • {{License account name}}: {{Domain name}}: Correlated Intelligence Anomalies
Not applicable
Content filtering
  • {{License account name}}: {{Domain name}}: High-risk attachment
  • {{License account name}}: {{Domain name}}: Exceeding msg size or # of recipients
  • {{License account name}}: {{Domain name}}: Password protected
  • {{License account name}}: {{Domain name}}: Outbound - High-risk attachment
  • {{License account name}}: {{Domain name}}: Outbound - Exceeding msg size or # of recipients
Besides the preceding default rules, Cloud Email Gateway Protection also presets a built-in policy rule "Global Anti-Virus Rule (Enforced on Unverified Domains)", which is forcibly applied to inbound messages sent to unverified domains.
Note
Note
This rule does not appear on the policy screen, and is visible only in mail tracking logs, policy event logs, and quarantine query details.