Hi,
I've enabled the Malware Policy Contains attachment(s) supported by Disarm with two actions:
1 Hold message in Spam Quarantine
2. Send notification "Notify Users"
Also I have enabled the SPAM Policy If message is spam with the action:
1. Append subject line with " [SPAM]"
The problem comes where a e-mail is spam and also contains an MS Office (w/ malware) file because the user receives the notification and some of them tries to release the mail from quarantine.
Is there any way to "exclude" notification (action 2) if the e-mail has been detected as spam?
How to exclude policies between Reputation, Spam and Malware policies? (I don't have problems with Content)
Thanks!