Cisco IronPort AsyncOS 7.5 for Email Configuration Guide
By default, Anti-Virus scanning is enabled in the $TRUSTED mail flow policy for
public listeners, which is referenced by the WHITELIST sender group. See Mail
Flow Policies: Access Rules and Parameters, page 5-11.
Editing the Anti-Virus Settings for a Mail Policy
The process for editing the per-user anti-virus settings for a mail policy is
essentially the same for incoming or outgoing mail.
Individual policies (not the default) have an additional field to “Use Default”
settings. Select this setting to inherit the default mail policy settings.
You enable anti-virus actions on a per-recipient basis using the Email Security
Feature: the Mail Policies > Incoming or Outgoing Mail Policies pages (GUI) or
policyconfig -> antivirus
command (CLI). After you enable anti-virus
settings globally, you configure these actions separately for each mail policy you
create. You can configure different actions for different mail policies.
To edit the anti-virus settings for a mail policy, including the default policy:
Click the link for the anti-virus security service in any row of the Email Security
Manager incoming or outgoing mail policy table.
The Anti-Virus settings page similar to the one shown in Figure9-3 and
Figure 9-4 is displayed.
Click the link in the default row to edit the settings for the default policy.
Figure 9-3 and Figure 9-4 show the settings for an individual policy (not the
Click Yes or Use Default to enable Anti-Virus Scanning for the policy.
The first setting on the page defines whether the service is enabled for the
policy. You can click Disable to disable the service altogether.
For mail policies other than the default, choosing “Yes” enables the fields in
the Repaired, Encrypted, Unscannable, and Virus Infected Messages areas to
Select an Anti-Virus scanning engine. You can select McAfee or Sophos engines.
Configure Message Scanning settings.