We are using a M-Series quarantine applicance as a spam quarantine. It would be a great to use this quarantine also for policy based filtered attachments. I tried to configure this, and indeed with some filter actions (bcc) and a smtp route it is possible to route also filter matching emails to M-Series quarantine.
Generally the problem is, that such emails should not be accessable be the recipient, because some forbidden attachment should not be delivered. So using bbc with an addition drop in a content filter can solve this, only re-routing to M-Series will give access for the users without any control.
But what can I do if I want to deliver the emails from quarantine to the intented recipient? Caused be the bcc re-routing with the content filter the intented recipient is deleted.
Why do I want to do this? Async OS 4.7.x can not be configured to have quarantine only admins. Our helpdesk is responsible for managing forbidden attachments and I do not want to give them access to our C-Series Ironport cluster.
Has anybody solved this problem? Is there something improved in Async OS 5?
Re: Using M-Series quarantine as a policy quarantine
Well there is a chance of doing that. This is untested, but inorder to get the message to the M-Series all you need to do is to insert the header X-ironport-quarantine with any value. To clone the Policy quarantine you need to strip the rcpt to and insert someone like Policy@yourdomain.
The problem is the release of the message. If you do that it will try to release that message to this email address.
There is nothing in 5.0 or 5.1 that will do that out of the box.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...