Table: Condition match criteria describes how Symantec Messaging Gateway evaluates the match criteria (for example, match/does not match) in content filtering policy conditions.
Table: Condition match criteria
Contains/Does not contain
This match is evaluated differently based on its use:
Tests the message content against the words or file extensions that are found in the selected dictionary.
Tests for the user-defined text within the component that is specified. Sometimes called a substring test.
Tests the user-specified number of instances.
Matches regular expression/Does not match regular expression
Tests the message content against user-specified regular expressions. Regular expressions combine alphanumeric characters with metacharacter variables to identify pattern variations.
Matches pattern/Does not match pattern
Tests the message content against known regular-expression patterns such as those found in Social Security numbers or credit card numbers patterns.
Matches data in the record resource
Compares the contents of a message with the data in the selected record.
Starts with/Does not start with
Ends with/Does not end with
Matches exactly/does not match exactly
The regular expression equivalent to ^text.*
The regular expression equivalent to *text.$
The equivalent of match exactly or does not match exactly for the supplied test.
Contains the message part/Does not contain the message part
Tests the message against the user-specified message part to see if the message part exists.
Is equal to/Is greater than/Is less than
Compares the message size or attachment size with the specified number of bytes, kilobytes (KB), or megabytes (MB).
Is in the attachment list/Is not in the attachment list (true file type and class only)
Compares the body part and message attachment to the user-specified attachment list to see if it appears in the list.
Symantec Messaging Gateway evaluates attachments and any objects that are embedded in message bodies for true file type, true file class, file name, file extension, and MIME. For the condition Is not in attachment list, it evaluates attachments and the objects that are embedded in message bodies for true file type and true file class.
Symantec Messaging Gateway does not test for file name, extension, or MIME type because senders can easily forge these items. As such, they are not secure conditions to use in a policy.
Has a file name which contains/Has a file name which does not contain
Compares the file name to the user-specified file name to determine if a match exists.
Has a MIME type which is/Has a MIME type which is not
Tests the message to determine if it is the same as the user-defined MIME type.
Has a file name from dictionary/Has a file name not from dictionary
Compares the file name to file names in the user-specified dictionary to determine if a match exists.
Has a file extension from dictionary/Has a file extension not from dictionary
Compares the file extension to file extensions in the user-specified dictionary to determine if a match exists.