Sophos Email customers using IP-based mailflow rule connectors must migrate to certificate-based configuration by March 31st. To see if you're affected Click Here.

Thread Info
  • State Verified Answer
  • Locked Locked
  • Replies 4 replies
  • Answers 1 answer
  • Subscribers 16 subscribers
  • Views 9241 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Header Attribute List

CraigLloyd

Can someone point me in the direction of a list of Email Header attributes I can use in Data Control Policies please?

Help guide doesn't cover this and Sophos Support was unable to advise me on this in a recent call.

Thanks,

Craig



This thread was automatically locked due to age.
  • +1

    Hi  
    Thank you for posting in the Community.

    Email header attributes are a combination of product and non-product specific ones. But as long as it is a header, you should be able to pick it for triggering a policy.
    The Sophos ones will usually have a "sophos" mentioned but the regular email headers like "content-type", "to:", "from:", etc. can also be used. So this may be why there is no "list of email header attributes" since you can pick one of the headers and enter the value that will trigger the DLP rule. 

  • 0 in reply to josepalad

    Hi,

    Thanks for the explanation above, is the header attribute box case sensitive?

    e.g. Will "TO:, "To:", "to:" all work the same?

    Do I need to include the ":" or will "to", "TO", "To" work the same?

    It's mainly guidance on syntax I was hoping to gain from a list of attributes

    Thanks,

    Craig

  • 0

    Any header in a message with the exception of headers added by Sophos protection can be edited. You can inspect and act upon any message header including custom headers so there is no standard list.

  • 0 in reply to CraigLloyd

     Based on my tests, its not case sensitive. By the way, when you enter the header don't include the punctuation mark ":"

Unfiltered HTML