4.4.3. Email tags

Email Gateway Security supports adding markers - called tags - to emails, to provide a user-defined notation for emails based on different processing properties of a specific email.

Per rule tags

Tags can be configured separately for each security rule.

Tag syntax

The following restriction are enforced for tag values:

  1. No whitespace is allowed (space, new line, tab, etc.).

  2. No colon ( : ) and backslash ( \ ) is allowed.

Currently there is no restriction on the length of the tags.

Recommended tag values

When a tag is configured to be added to the delivered email’s subject, the following are recommended:

  1. Keep the tags short (at most 10-15 characters),

  2. Use US-ASCII characters only.

Restrictions for email headers

Different standards and RFCs prescribe different restrictions on the length and character sets of email headers, for example the subject.

Please keep in mind, that tags add up to the original subject of the email, and this new subject together must fulfill the requirements in the standards and RFCs.

Tag-able actions and statuses

Tags can be assigned to emails in case of the following actions or statuses, for each rule:

Action or status

Location

Description

Allowed emails

SCAN / Allowed actions

These tags will be applied to emails that are allowed (i.e. have no threat detected, have no DLP violation, have no spam and phishing).

Blocked emails

ADVANCED THREAT PREVENTION / Blocked actions

These tags will be applied to emails that are blocked due to threat detected or DLP violation.

Sanitized emails

ZERO-DAY MALWARE PREVENTION

These tags will be applied to emails with disarmed and reconstructed contents (headers, body or attachments).

Known phishing emails

ANTI-PHISHING

These tags will be applied to emails that are known phishing (for details see 5.7. Phishing and spam).

Potential phishing emails

These tags will be applied to emails that are potential phishing (for details see 5.7. Phishing and spam).

Known spam emails

ANTI-SPAM

These tags will be applied to emails that are known spam (for details see 5.7. Phishing and spam).

Potential spam emails

These tags will be applied to emails that are potential spam (for details see 5.7. Phishing and spam).

Bypassed emails

ADVANCED

These tags will be applied to emails that were bypassed by any reasons (for details see 5.5. Bypassing).

For details see 4.4. Policy.

Adding tags to the email subject

To add a tag to the subject of the emails processed by the rule, enable the Add to subject toggle switch next to the tag name.

images/download/attachments/8465171/image-20201210-074955.png

Disabled when email is blocked

The adding tags to the subject option is disabled under ADVANCED THREAT PREVENTION / Blocked actions when the Handling of the email option is set to Block email.

The reason for this is that in this case no email is delivered, hence no point in adding tags to the header.

images/download/attachments/8465171/image-20201210-075806.png