Disclaimers

What is a disclaimer?

A disclaimer is a text addendum in an email that informs the recipient about certain circumstances about the processing of the email.

Disclaimer use cases

Disclaimers may be set for the following cases in Email Gateway Security:

  • For an email that was allowed (e.g. no infection or sensitive data was found) under Securtiy rules /rule/ SCAN / Allowed actions.
  • For an email that was blocked (e.g. infected or sensitive data found) but delivered cause Securtiy rules /rule/ ADVANCED THREAT PREVENTION / Handling of the email is set either to Delete blocked content or Deliver blocked contents. Set the disclaimer for these cases under Securtiy rules /rule/ ADVANCED THREAT PREVENTION / Blocked actions.
  • For an email that was blocked due to password protected attachments but was delivered cause Securtiy rules /rule/ ADVANCED THREAT PREVENTION / Handling of the email is set either to Delete blocked content or Deliver blocked contents. Set the disclaimer for this case under Securtiy rules /rule/ ADVANCED THREAT PREVENTION / Encrypted attachments.
  • For an email that was disarmed and reconstructed under Securtiy rules /rule/ ZERO-DAY MALWARE PREVENTION / Zero-Day Malware Prevention.
  • For an email thats disarm and reconstruction failed under Securtiy rules /rule/ ZERO-DAY MALWARE PREVENTION / Zero-Day Malware Prevention / Override sanitization behavior.
  • For an email that has attachments uploaded under Securtiy rules /rule/ UPLOAD ATTACHMENTS / Upload attachments / Upload attachements to MetaDefender Vault / Attachment notice.
  • For an email that was bypassed under Securtiy rules /rule/ ADVANCED / Override error handling behavior.

For details see Configuration/Policy.

Disclaimer editor

For each disclaimer Email Gateway Security has a what-you-see-is-what-you-get disclaimer with all needed functionality built-in. For example, it has support for text styles, links and lists.

The position of the disclaimer can be set to before or after the contents of the email.

A disclaimer style can be applied to emphasize content to the user (HTML only).

The alignment of the disclaimer can be changed to left or right aligned clicking the and button.

Positions

A disclaimer may be added either

  1. Before the contents of the original email body (head of the email body) or
  2. After the contents of the original email body (end of the email body).

Styles

The following built-in styles are supported for disclaimers:

  1. None: no further formatting of the disclaimer
  2. Information: the disclaimer is displayed as a blue box
  3. Warning: the disclaimer is displayed as a yellow box
  4. Critical: the disclaimer is displayed as a red box

Views

Each disclaimer editor has the following two views:

  1. HTML: to edit the disclaimer for HTML formatted emails in a what-you-see-is-what-you-get editor,
  2. PLAIN TEXT: to edit the disclaimer for plain text formatted emails in a text editor.

Disclaimer variables

Variable format

The common format of a variable looks like this: %[<prefix>]<variable_name>[<placeholder>]%

A variable contains three parts:

  • prefix: this text will be displayed before the value of the variable if the value is not empty or there is a placeholder defined
  • variable_name: the name of the variable
  • placeholder: this text will be displayed if the vale of the variable is empty

Examples:

VariableValueOutput in disclaimer
%[]email_subject[]%Test subjectTest subject
%[]email_subject[]%""""
%[Subject: ]email_subject[]%Test subjectSubject: Test subject
%[Subject: ]email_subject[]%""""
%[Subject: ]email_subject[No subject]%""Subject: No subject
%[]email_subject[No subject]%""No subject
%[]email_subject[No subject]%Test subjectTest subject

Available variables

Generally available variables

The following variables are available for any disclaimer:

email_date

Email message date sent

email_sender

Sender email address

email_recipients

Recipient email address(es) (Comma separated if more than one)

email_subject

Email subject

email_message_id

Email message-id header

origin_ip

Email last HOP IP address

scan_verdicts

Email scanning verdics

Specific variables

Emails with encrypted attachments

The following variables are available for disclaimers to emails with encrypted attachments only:

rescan___link_url

Replaced by the Settings > General / Configuration / Public server name (see Configuration/Settings). If the Public server name is not set then the "Your administrator did not set a public server address for rescan" text will be displayed instead.

rescan_link_expiry

Replaced by the Settings > General / Configuration / Rescan link availability value.

rescan_link_expiry_time

Replaced by the date and time value calculated using the Settings > General / Configuration / Rescan link availability value. Calculation method The date and time value is calculated as: (Time of email arrival to Email Gateway Security) + (Settings > General / Configuration / Rescan link availability) UTC or server local time The value of Settings > General / Configuration / Use the server's local timezone affects the format of this value.

Examples: Date format with server local timezone enabled: 2021-09-26 10:39:49 (UTC+02:00) Date format with server local timezone disabled: 2021-09-26 08:39:49 UTC

Sanitized emails

The following wariables are available for emails that have sanitized contents:

hyperlinks

This variable applies when an email got processed by Deep CDR, and disclaimers are enabled for emails with sanitized contents.

The Deep CDR engine in MetaDefender Core (under Inventory > Modules / Deep CDR / Settings / HTML CONFIGURATION / PROCESS HYPERLINK BEHAVIOR) can be configured to return the list of hyperlinks in the processed file.

Example disclaimer with variables

Here is an example disclaimer for blocked contents:

Copy

And an example result after sending an infected attachment:

Copy
Type to search, ESC to discard
Type to search, ESC to discard
Type to search, ESC to discard