Custom Emulation Connection Handling Mode

What can I do here?

Use this window to configure the handling mode for SMTP and HTTP services.

Getting Here - Getting Here - Security Policies > Threat Prevention > Policy > Threat Tools > Profiles > Profile > Threat Emulation > Advanced > Custom - configure handling mode depending on the service > Customize

Service Mode Options

Emulation Connection Handling Mode lets you configure Threat Emulation to allow or block a connection while it finishes the analysis of a file. You can also specify a different mode for SMTP and HTTP services.

Background - The connection is allowed and the file goes to the destination even if the emulation is not finished.
Hold - A connection that must have emulation is blocked and Threat Emulation holds the file until the emulation is complete. This option can create a time-delay for users to receive emails and files.
For configurations that use Hold mode for SMTP traffic, we recommend that you an MTA deployment.