Email Security.cloud

We have been a customer for quite some time, but We appear to be severly limited with the capabilities of this product when it comes to securing a modern enterprise again today's email threats.

We can do some very basic blocking based on domain name, but that isnt all that effective today.

I am looking for ideas and suggestions on how we can:

1. Redirect/Report/Block based on certain X-Mailer types.
2. Utilize Regular Expression matching for subject lines and attachment names for redirect/report/block capabilities
3. Ability to utilize Yara rules for a more fine grain approach with this product.

Right now our hands seem to be fairly tied when it comes to combating mail threats with this product.  We frequently see many malicious emails get delivered prior to the block rules kicking in.   We would love to supplement this capability with what we know to be bad to our organization.

Any help is appreciated. 

One of the cloud offering is the service called Email Data Protection. This service may give you the capabilities you are looking for in point 1 and 2. The service is a policy engine allowing you to use, amongst other things, regular expressions for pattern matching in an email (body, headers) and certain type of attachments.
 

Each policy can be configured with a specific action such as block, redirect, copy,  route to, as always as being able to alert recipients and senders should you wish it. You can get a better idea on how the service works by reviewing the below video.

http://www.symantec.com/tv/community/details.jsp?vid=3037566445001