IronPort - daily management guide - AsyncOS 7.6.1
You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
Chapter 4 Quarantines<br />
OL-25138-01<br />
Step 3 Click Search.<br />
Step 4 The results (messages that match all of the specified criteria) are displayed.<br />
Working with Messages in System Quarantines<br />
You can use the search results in the same way you use the quarantine listings. The search results listing<br />
also allows sorting by Scheduled Exit time. See Processing Messages in a Quarantine, page 4-9 for more<br />
information.<br />
Multi-User Access and System Quarantines<br />
<strong>AsyncOS</strong> supports delegation of quarantine <strong>management</strong> by allowing you to specify users from the<br />
Operators, Help Desk Users, and Guests groups, as well as users from custom user roles with quarantine<br />
access privileges, to process messages within quarantines.<br />
For example:<br />
Configuring Multi-User Access<br />
the Human Resources team reviews and manages the Policy Quarantine<br />
the Legal team manages the Confidential Material Quarantine<br />
These users with access to a quarantine can search for messages in that quarantine and process (release<br />
and/or delete) messages from that quarantine.<br />
In order to add users to quarantines, the users must already exist. For more information about creating<br />
users and user roles, see the Working with User Accounts, page 8-12 and Managing Custom User Roles<br />
for Delegated Administration, page 8-26.<br />
Each user may have access to all, some, or none of the quarantines. A user that is not authorized to view<br />
a quarantine will not see any record of its existence in the GUI or CLI listings of quarantines.<br />
Multi-User Access and Messages in Multiple Quarantines<br />
The policies governing messages that reside in multiple quarantines are “conservative” in that they do<br />
not allow a message to be delivered from a quarantine, unless that message has been released from all<br />
of the quarantines in which it resides.<br />
When a message is present in multiple quarantines, releasing a message from a quarantine does not<br />
necessarily cause that message to be delivered. It must first be released from all of the quarantines in<br />
which it resides.<br />
If it has been deleted from any quarantine, the message will still be present in other quarantines.<br />
Releasing the message at this point from any other quarantine will not cause the message to be delivered.<br />
Because a message can be in multiple quarantines, and a user wanting to release the message may not<br />
have access to all of those quarantines, the following rules apply:<br />
A message is not released from any quarantine until it has been released from all of the quarantines<br />
in which it resides.<br />
If a message is marked as Deleted in any quarantine, it is not deliverable from any other quarantine<br />
in which it resides. It can still be released, but it will not be delivered.<br />
So, if a message is queued in multiple quarantines and a user does not have access to one or more of the<br />
other quarantines:<br />
The user will be informed whether the message is present in each of the quarantines to which the<br />
user has access.<br />
Cisco <strong>IronPort</strong> <strong>AsyncOS</strong> 7.6 for Email Daily Management Guide<br />
4-15