Managing filters
Create and configure filters on the page . A filter in use by a policy can be copied; a filter not in use by a policy can be copied or deleted. Default filters cannot be copied or deleted. See Creating and configuring a filter.
The following predefined default filter types can be used in email analysis:
- The virus filter analyzes an email message and its attachments for the presence of viruses and other threats. See Antivirus.
- The spoofed email filter can help reduce instances of email sender impersonation. See Spoofed email.
- The email attachment filter examines email attachment content to determine the attachment’s true file type. The filter can also detect individual file attachment extensions configured by an administrator. See Email attachment.
- The URL analysis filter examines email content for embedded URLs and classifies them according to a database of known spam URLs. URLs classified by the filter can be removed or modified. See URL analysis.
- The spam filter analyzes email content and compares it against a database of known spam characteristics. A variety of antispam tools are available, including digital fingerprinting, LexiRules, and heuristics analysis tools. See Antispam.
- The commercial bulk email filter analyzes a message to determine whether it was sent from a business for advertising purposes. See Commercial bulk email.
- The advanced file analysis filter inspects email attachment file types that commonly contain security threats. See Advanced file analysis.
- The disclaimer filter is used to add text at the beginning or end of a message. See Disclaimer.
- A custom content filter can be added to examine a message based on configured message component conditions. The Forcepoint Email Security module does not provide a default custom content filter. See Custom content.