Email Security - Message Splintering Tidbit

In this tidbit I want to cover message splintering as it is crucial component in message processing with the ESA. The main goal of message splintering is to allow the ESA to apply independent security rules to a message with multiple recipients.


The splintering mechanism will allow the ESA to evaluate each recipient for each policy in the respective mail policy table. Any policy that matches a message creates a new message with the respective recipients, which is defined as message splintering.


An overview of message splintering:


-Some recipients will match different policies.

-Recipients become grouped together according to policies they matched.

-Messages are split into a number of messages equal to the number of policies that matched.

-Recipients are matched to the appropriate splinter

-Note that if all recipients match the same policy, there is no message splintering

-Once policy matches and message splintering occurs, each message is then processed through the remaining portion of the email pipeline


For more on email pipeline see the <esa> tag! Cheers!

0 comments

Recent Posts

See All

In this tidbit I want to cover some high level notes on general trustsec items as well as some good-to-knows. A brief overview of what trustsec is: TrustSec provides scalable access controls by uniqu

In this tidbit I will cover some ESA nice-to-know CLI commands & their purposes: > status = view counters/gauges; counters are a total of various events in the system; gauges show current utilization