02-19-2018 11:12 AM - edited 03-20-2019 09:55 PM
When is this going to get fixed? This has impacted several of our users as we have a disclaimer added to every single email so our users know if an email is coming from the outside. I need this fixed ASAP.
02-20-2018 12:52 AM
A workaround should be adding a message body in the content filter which does not add the disclaimer for now.
Via GUI you can do this;
condition
1. Message Body - contains text : ("(?i)text/calendar|BEGIN:VCALENDAR", 1)
or
2. Message Body - contains text : ("(?i)method=REQUEST|METHOD:REQUEST", 1)
Action: Skip Filters.
select: If one or more conditions match"
commit
--------------
If you are using CLI and working with message filters then you could do this:
MeetingRequest: if (body-contains("(?i)text/calendar|BEGIN:VCALENDAR", 1)) OR (body-contains("(?i)method=REQUEST|METHOD:REQUEST", 1)) {
log-entry("No Disclaimer");
skip-filters();
}
Try to bring this filter to a higher position than the other filters with disclaimers
But we all know this is only a workaround and not a fix and Cisco is already working on it.
02-20-2018 05:39 AM
02-27-2018 10:23 AM
I have the same situation. The options aren't really good options. My invites are coming in blank, other than the subject. No attachments, no nothing.
03-01-2018 06:23 AM
I was able to resolve this by removing any disclaimers applied via the ironport appliances and apply them via Exchange transport rules.
03-05-2018 04:04 AM
Here our workaround for incoming calendar invites :
CLISkip_Footerv5: if (header("X-MS-Exchange-Calendar-Originator-Id")) OR ((header("x-ms-exchange-calendar-series-instance-id")) OR ((attachment-filename == "invite.ics") OR
((attachment-filename == ".ics$") OR ((header("X-Barracuda-RBL-Trusted-Forwarder")) OR (body-contains("BEGIN:VCALENDAR", 1)))))) {
skip-filters();
}
Hope that helps.
That filters support gmail, baracuda, office365, Lotus Notes and classical ICAL.
03-05-2018 10:29 AM
03-05-2018 10:31 AM
03-06-2018 08:59 AM
This affects both inbound and outbound meeting invites, correct? We apply disclaimers outbound, and we are seeing this behavior.
03-06-2018 09:01 AM
03-06-2018 09:03 AM
Ah thanks. So it is in both directions. We first noticed it on inbound messages that we were adding headers to, based on content filters. This is bad.
03-06-2018 09:06 AM
03-06-2018 09:11 AM
Mostly spoof warnings, Also there are warnings about encrypted attachments, etc. Tags that tell people how to submit suspected phishing, etc.
03-06-2018 09:43 AM
03-16-2018 10:31 AM
The bug says the status is "fixed", however I do not see an updated version on Cisco's web site. Is this truly fixed? In my ironport there is a version 11.1.0 build 072 available, but that doesn't show up on Cisco's web site either.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide