Disclaimers
What is a disclaimer?
A disclaimer is a text addendum in an email that informs the recipient about certain circumstances about the processing of the email.
Disclaimer use cases
Disclaimers may be set for the following cases in Email Gateway Security:
- For an email that was allowed (e.g. no infection or sensitive data was found) under Securtiy rules /rule/ SCAN / Allowed actions.
- For an email that was blocked (e.g. infected or sensitive data found) but delivered cause Securtiy rules /rule/ ADVANCED THREAT PREVENTION / Handling of the email is set either to Delete blocked content or Deliver blocked contents. Set the disclaimer for these cases under Securtiy rules /rule/ ADVANCED THREAT PREVENTION / Blocked actions.
- For an email that was blocked due to password protected attachments but was delivered cause Securtiy rules /rule/ ADVANCED THREAT PREVENTION / Handling of the email is set either to Delete blocked content or Deliver blocked contents. Set the disclaimer for this case under Securtiy rules /rule/ ADVANCED THREAT PREVENTION / Encrypted attachments.
- For an email that was disarmed and reconstructed under Securtiy rules /rule/ ZERO-DAY MALWARE PREVENTION / Zero-Day Malware Prevention.
- For an email thats disarm and reconstruction failed under Securtiy rules /rule/ ZERO-DAY MALWARE PREVENTION / Zero-Day Malware Prevention / Override sanitization behavior.
- For an email that has attachments uploaded under Securtiy rules /rule/ UPLOAD ATTACHMENTS / Upload attachments / Upload attachements to MetaDefender Vault / Attachment notice.
- For an email that was bypassed under Securtiy rules /rule/ ADVANCED / Override error handling behavior.
For details see Configuration/Policy.
Disclaimer editor
For each disclaimer Email Gateway Security has a what-you-see-is-what-you-get disclaimer with all needed functionality built-in. For example, it has support for text styles, links and lists.
The position of the disclaimer can be set to before or after the contents of the email.
A disclaimer style can be applied to emphasize content to the user (HTML only).
The alignment of the disclaimer can be changed to left or right aligned clicking the ⊳¶ and ¶⊲ button.
Positions
A disclaimer may be added either
- Before the contents of the original email body (head of the email body) or
- After the contents of the original email body (end of the email body).
Styles
The following built-in styles are supported for disclaimers:
- None: no further formatting of the disclaimer
- Information: the disclaimer is displayed as a blue box
- Warning: the disclaimer is displayed as a yellow box
- Critical: the disclaimer is displayed as a red box
Views
Each disclaimer editor has the following two views:
- HTML: to edit the disclaimer for HTML formatted emails in a what-you-see-is-what-you-get editor,
- PLAIN TEXT: to edit the disclaimer for plain text formatted emails in a text editor.
Disclaimer variables
Variable format
The common format of a variable looks like this: %[<prefix>]<variable_name>[<placeholder>]%
A variable contains three parts:
- prefix: this text will be displayed before the value of the variable if the value is not empty or there is a placeholder defined
- variable_name: the name of the variable
- placeholder: this text will be displayed if the vale of the variable is empty
Examples:
| Variable | Value | Output in disclaimer |
|---|---|---|
| %[]email_subject[]% | Test subject | Test subject |
| %[]email_subject[]% | "" | "" |
| %[Subject: ]email_subject[]% | Test subject | Subject: Test subject |
| %[Subject: ]email_subject[]% | "" | "" |
| %[Subject: ]email_subject[No subject]% | "" | Subject: No subject |
| %[]email_subject[No subject]% | "" | No subject |
| %[]email_subject[No subject]% | Test subject | Test subject |
Available variables
Generally available variables
The following variables are available for any disclaimer:
email_date
Email message date sent
email_sender
Sender email address
email_recipients
Recipient email address(es) (Comma separated if more than one)
email_subject
Email subject
email_message_id
Email message-id header
origin_ip
Email last HOP IP address
scan_verdicts
Email scanning verdics
Specific variables
Emails with encrypted attachments
The following variables are available for disclaimers to emails with encrypted attachments only:
rescan___link_url
Replaced by the Settings > General / Configuration / Public server name (see Configuration/Settings). If the Public server name is not set then the "Your administrator did not set a public server address for rescan" text will be displayed instead.
rescan_link_expiry
Replaced by the Settings > General / Configuration / Rescan link availability value.
rescan_link_expiry_time
Replaced by the date and time value calculated using the Settings > General / Configuration / Rescan link availability value. Calculation method The date and time value is calculated as: (Time of email arrival to Email Gateway Security) + (Settings > General / Configuration / Rescan link availability) UTC or server local time The value of Settings > General / Configuration / Use the server's local timezone affects the format of this value.
Examples: Date format with server local timezone enabled: 2021-09-26 10:39:49 (UTC+02:00) Date format with server local timezone disabled: 2021-09-26 08:39:49 UTC
Sanitized emails
The following wariables are available for emails that have sanitized contents:
hyperlinks
This variable applies when an email got processed by Deep CDR, and disclaimers are enabled for emails with sanitized contents.
The Deep CDR engine in MetaDefender Core (under Inventory > Modules / Deep CDR / Settings / HTML CONFIGURATION / PROCESS HYPERLINK BEHAVIOR) can be configured to return the list of hyperlinks in the processed file.
Example disclaimer with variables
Here is an example disclaimer for blocked contents:
And an example result after sending an infected attachment: