Web access and e-mail gateway policy

[Niklaus Schild <n.schild () gmx ch>]

Hello

I’m looking for examples and ideas on how to setup some special 
policies, which I’ve never seen in the web so far. The policies I’m 
looking for should guide as a reference for configuring web access and 
an e-mail gateways.

The policy should consider the following issues:
 

Web access gateway:
-       scanning of downloaded content
-       blocking of certain file types
-       blocking of certain site categories
-       what happens with infected content
-       log and quarantine management
-       alerting
-       configuration responsibilities
-       configuration change procedure 

e-mail gateway:
-       scanning of e-mails and attachments
-       handling of spam
-       restricting attachment size and type
-       handling of infected attachments
-       log and quarantine management
-       alerting
-       configuration responsibilities
-       configuration change procedure

any other ideas, considerations or suggestions? Thanks in advance!

Nik