Part Two: External Hosts

The second part of the policy script handles messages from external hosts. Depending on message content, this part of the policy script scans for viruses and suspect attachments. The Manager screen shot shows where to edit virus-checking rules and actions for messages from external hosts. A step-by-step description of this part of the policy is provided below.

Description:

Messages not originating from a relay defined in the Internal Hosts list are assumed to be from an external host. Messages from external hosts are scanned for viruses and suspect attachments in this part of the policy script, as follows:

  • A header is added to the message (X-PMX-Version and the PureMessage version number).
  • The size of the message is written to the message log.
    1. If the message contains an IP address that belongs to the Sophos blocklist:
      • The message is quarantined and a mark is added to the message log indicating that the message contained a blocklisted IP address.
    2. If the message cannot be scanned:
      • Text is added to the subject of the message indicating that message was not scanned and that it may contain a virus.
      • A mark is added to the message log indicating that the message is unscannable.
    3. If the message contains a virus:
      • A copy of the message is written to the quarantine with the reason "Virus".
      • A mark is added to the message log indicating that the message contains a virus.
    4. If the message contains a suspicious attachment:
      • The message is sent to the quarantine with the reason "Suspect".
      • A mark is added to the message log indicating that the message contains a suspect attachment.
      • Message processing stops.