Can a single message end up in multiple quarantines?
Available Languages
Quarantines are temporary mail repositories for holding messages need further processing.
Depending on the features licensed, a Cisco Email Security Appliance (ESA) will be initially configured with up to three quarantines.
- Outbreak - a quarantine used by Virus Outbreak Filters, created when the Virus Outbreak Filters license key is enabled.
- Virus - a quarantine used by the anti-virus engine, created when the anti-virus license key is enabled.
- Policy - a default quarantine (for example, you can use this to store messages requiring Legal review).
A message can end up in more than one quarantine for a variety of reasons. For example, if there is a filter created to quarantine emails that may contain offensive material to the "Policy" quarantine and a message is received which matches that filter and has an encrypted attachment that cannot be scanned for viruses, this email will end up in both the "Virus" and the "Policy" quarantine.
Note: The policies governing messages that reside in multiple quarantines are "conservative" in that they do not allow a message to be delivered from a quarantine, unless that message has been released from all of the quarantines in which it resides.
For more information about quarantines, see the Email Security End-User Guides.
FeedbackContact Cisco
- Open a Support Case
- (Requires a Cisco Service Contract)