In this tidbit I want to cover message splintering as it is crucial component in message processing with the ESA. The main goal of message splintering is to allow the ESA to apply independent security rules to a message with multiple recipients.
The splintering mechanism will allow the ESA to evaluate each recipient for each policy in the respective mail policy table. Any policy that matches a message creates a new message with the respective recipients, which is defined as message splintering.
An overview of message splintering:
-Some recipients will match different policies.
-Recipients become grouped together according to policies they matched.
-Messages are split into a number of messages equal to the number of policies that matched.
-Recipients are matched to the appropriate splinter
-Note that if all recipients match the same policy, there is no message splintering
-Once policy matches and message splintering occurs, each message is then processed through the remaining portion of the email pipeline
For more on email pipeline see the <esa> tag! Cheers!