How Content Rules are Applied

Consider the following content rules as they are applied to the Anyone to My Company route:

• Email passing through this route that does not match another route will be allowed unless one of the rules is true.
• Email passing through this route that contains a virus will cause content rule 1, Drop Messages Containing a Virus, to be triggered. The email will be dropped.
• Email passing through this route that contains encrypted files will cause content rule 2, Hold Messages Containing Encrypted Files and Inform the Recipient, to be triggered. The email will be blocked and the recipient sent a notification email.
• And so on until the end of the rules.

It is important that rules for a given route are configured in the right order. This is important when considering the level of threat and machine processing time and resources. The greater the threat, the higher the rule should be on the rules table.

Show me examples of efficient rules ordering

Consider the following content rules as they are applied to the Anyone to Ann Brown route:

The first rule will scan the email looking for keywords as configured in the rule. However, there is little point in doing this because the second rule will drop the email if a virus is detected. The position of the Add Legal Disclaimer rule also makes this set of rules inefficient as it would make more sense to add this after all other rules have been processed.

A more efficient order for this set of rules would be the following: