You can achieve this today by using a content filter.
Set the action for "Virus Infected Messages" to be "Deliver As Is", not to add anything to the subject, and not to send any notification. Under Advanced, set "Add Custom Header to Message" to something like Header : X-IsVirus Value : True
In order words, if we get a message with a virus, at this point do nothing other than add a header to it.
Then create a new Content Filter (call it whatever you want) with a condition of : Other Header X-IsVirus Equals True
When you click Add this should show up as : header("X-IsVirus") == "^True$"
In the action for the content filter, select Quarantine and then the quarantine name (I'd suggest creating a new quarantine to use specifically for these messages) or just Drop if you don't want to quarantine it, and then Add Action. Then as a second action select Notify and fill in the relevant values. The Template it will end up using will need to be a Notify Template (as opposed to an Anti-Virus template). After doing all that you should end up with something like :
(Where VirusQ is the name of the quarantine, and VirusTemplate is the name of the template)
Check that the Content Filter is assigned to the default policy, and you should be right to go! You can test it's working by sending an email or using the Trace function in the web GUI with the EICAR test virus to trigger it - http://www.eicar.org/anti_virus_test_file.htm Given that you've configured the default behavior to be that viruses get send through largely untouched it's critical you make sure that the content filter is working as expected!
As the quarantine the message ends up in is a Policy quarantine users will not be able to release it themselves (which is the same as for the virus quarantine). When released it will not be marked in any way other than the extra header - you could add another rule in the content filter to modify the subject if you wanted to.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...