Policy refers to the Sophos email or URL filtering rules.
Policies consist of rules made up of tests and actions. As messages or web content passes through the policy engine, they are tested to see if they meet specified criteria. Those that match have a specified action performed on them (for example, Mail With: Unscannable Attachments - Take Action: Quarantine). Rules can relate to the identification and handling of messages or URLs containing: