You can create content filtering rules to evaluate inbound and outbound email messages based on the following scanning conditions:
Attachment file types, file names, file size, or the number of attachments
Content in email headers, body, or attachments
Sender authentication results
Click Add to create a new rule.
Click a rule name to change the settings.
For more information, see Scanning Conditions for Attachments.
For more information, see Adding Keyword Lists or Expressions.
For sender authentication result settings in content filtering rules to take effect, go to Administration > Sender Filtering/Authentication and click the tab for the authentication protocol (SPF, DKIM Authentication, or DMARC). Then, enable the authentication protocol and select Insert X-Header into email messages.
Deep Discovery Email Inspector matches an email message if an authentication result for each selected sender authentication protocol is matched.
This option is not applicable when Deep Discovery Email Inspector is operating in BCC mode.
For more information, see Policy Actions.
Deep Discovery Email Inspector only sends recipient notifications when you select Send notification and a notification message.
You can configure notification messages on the Notifications screen (go to Policies > Policy Objects > Notifications).
For more information, see Configuring Recipient Notification.
After adding a rule, you can:
Click a rule name to edit the rule settings.
Select a rule and click Delete to remove the selected rule.