How do I control body and attachment scanning in filters?
The scanconfig command controls the behavior of body and attachment scanning, including specifying the encodings to use when scanning attachments and which attachment types should be skipped when scanning.
The scanconfig command sets these parameters:
MIME types of video/*, audio/*, image/* or anything that appears to be a PDF file are skipped (not scanned for content).
Nested (recursive) archive attachments up to 50 levels are scanned. (The default is 5 levels.).
The maximum size for attachments to be scanned is 25 MB; anything larger will be skipped. (The default is 5 MB and Value must be an integer from 0 to 26214400)
Attachments that were not scanned are assumed to not match the search pattern. (This is the default behavior.)
Note - When setting the assume the attachment matches the search pattern to Y, messages that cannot be scanned will cause the message filter rule to evaluate to true. This could result in unexpected behavior, such as the quarantining of messages that do not match a dictionary, but were quarantined because their content could not be correctly scanned.
For more information about filters and the scanconfig command, see the AsyncOS Advanced User Guide :