/
Content Analysis - Inbound Mail

Content Analysis - Inbound Mail

May 18, 2026

If you make setting changes, allow a few minutes for the changes to take effect.

Email Gateway Defense enables administrators to set custom content filters for inbound messages based on message content and attachment file name or MIME type, and specify whether to block, quarantine, or ignore password-protected archive files and messages containing password-protected Microsoft or PDF attachments. See the Inbound Settings > Content Policies page for settings.    

Attachment Filters

For inbound mail, you can filter attachments based on File Name or MIME Type.

Note: You can create a targeted exemption for password‑protected attachment blocking by adding an Attachment Filter with the action Ignore for a specific filename or MIME type on the Inbound Settings > Content Policies page. If the attachment matches an Ignore rule, it is exempt from the configured Password Protected Archive, Microsoft, or PDF block or quarantine action.

Password Protected Archive Filtering

For inbound mail, you can select to Block, Quarantine, or Ignore messages containing password‑protected archive attachments. Selecting Ignore means that the service does not inspect or take action on archive attachments that require a password to unpack.

Password Protected Microsoft Documents

For inbound mail, you can select to Block, Quarantine, or Ignore messages containing password‑protected Microsoft document attachments. Selecting Ignore means that the service does not inspect or take action on Microsoft document attachments that require a password to open.

Password Protected PDF Documents

For inbound mail, you can select to Block, Quarantine, or Ignore messages containing password‑protected PDF attachments. Selecting Ignore means that the service does not inspect or take action on PDF attachments that require a password to open.

Message Content Filters  

Note: In the classic user interface, you can add duplicate patterns with different match criteria. However, the new user interface eliminates this option to simplify policy processing. Existing duplicates from the classic user interface will remain active, but you must remove them and create a new policy to change the action for a specific pattern. According to https://documentation.campus.barracuda.com/wiki/spaces/EGD/pages/2850902, Email Gateway Defense evaluates all Allow policies in Message Content Filters first; if no Allow pattern matches, it then evaluates Block and Quarantine policies.

Inbound

Base message content filtering on any combination of subject, headers, body, attachments, sender or recipient filters, and you can specify actions to take with messages based on pre-made patterns (regular expressions) in the subject line, headers, message body, sender or recipient lines. See Regular Expressions for text patterns you can use for advanced filtering.

Attachment Content Filtering is limited to text type files such as most MS Office files, html, pdf files, and other document files.

Note that HTML comments and tags embedded between characters in the HTML source of a message are filtered out so that content filtering applies to the actual words as they appear when viewed in a web browser.

We value your feedback.
If you have questions, suggestions, or feedback on our documentation, contact the Campus Product Documentation team.
For general product inquiries or technical support, please contact the global Barracuda Support team.