Hi all,i need to track ALL possible informations about who changed what on ESA.I've enabled history logs, but it only shows a brief description, aside with the username.I've digged into gui_logs or system logs but if the user doesn't make a comment o...
Labels
-
Appliances
(1) -
Buying Recommendation
(4) -
Cisco Bugs
(7) -
Community Feedback Forum
(3) -
Community Ideas
(1) -
Email Security
(6,318) -
Network Management
(1) -
Other Community Feedback
(1) -
Policy and Access
(1) -
Security
(2)
Forum Posts
Resolved! Block Shorten URL
Hi Cisco Support, Our problem is that the attacker attached a picture file and when the user click that picture, it will redirect to a certain shorten url link which hides the real URL and download a malicious file. We found out that the attacker us...
Hello all, until which operation in the ESA workflow (emailrep.-> MaliflowPolicy -> AcceptanceControl -> AS/AV -> Filereputation -> ..) is the connection from the sender on hold (Pre-Queue- Filtering)? Or when does the sender get the final "250 ok" i...
Resolved! CES and LDAP routing
Hi all,we thought about using a LDAP based routing for the SMTP-Call-ahead like its described here in the user guide. So we can do the recipient validation like this:domain1.com -> ask ldap.domain1.comdomain2.com -> ask ldap.domain2.comdomain3.com -...
Hello to all, Just a fast question.We are planning to migrate the current SMA server for the management of Ironport equipment, from the current M100v to an M300v.Would the license allow this model upgrade? Do you know if the configuration of a model ...
Hey,I want to compare fields like this: if(header('To') != rcpt-to) { drop(); } But I receive error message saying that 'rcpt-to' is not STRING. How can I overcome this issue, as I assume bot of these should return string. Or if not, atleast some u...
hi there, was just asked to create a possible block for email in regards to the most recent Apple IOS IOC's.It has been running now for 2 hours and already caught one "bad" email adressed to an IPhone user. AppleIOSTextDetectv2: if recv-listener == "...
Hi,today we started evaluating the ESA AMP File Reputation service. I was really surprised to find that the only options available to deal with malicious emails are "drop" and "deliver as is". No quarantine. Why, Cisco. Why? :-/Surprises aside, there...
Hello, We would like to get SSO working for logging into SMA. We currently have is setup for Spam Quarantine in SMA but would like to get it working for the Administrative side. I followed the instructions that were provided in Ver 13 for ESA SSO, ch...
I need to know if it is possible to use TLS for outgoing mail by using a content filter and maybe mail flowpolicy ?I'm aware of destination controll how it works for outgoing mail.An example, if I have outgoing mail with header "important" I would li...
Hi everyone I hope you can assist me here, we have been utilising CRES for several years successfully using the content filter option for activating the option for senders, however I have been asked about the functionality that is mentioned in the bl...
HelloHow dose virtual gateways works in a ESA Cluster? Can you use one gateway att cluser level and it applies to both machines?Or do you need to have one gate and Ip per unit? Regards//Andreas
Hello,this is working fine:1) accept Query for Users and Members of MAILENABLE:(|(&(proxyAddresses=smtp:{a})(objectClass=user))(&(proxyAddresses=smtp:{a})(memberof=CN\3dMAILENABLE,DC\3dxx,DC\3dlocal)))so we can select exchange public Foldes and maile...
I'm looking for a way to test inbound and outbound message filters before moving them to production.I found this article:https://www.cisco.com/c/en/us/support/docs/security/email-security-appliance/117902-qanda-esa-00.html It was helpful, however, yo...
i have received RMA with C680 with 7.8.0-360 OS,as its EOL and my current ESA-cluster is on 12.5.anyone can help,what will be the upgrade path from 7.8.0-360,and from where i can download the OS.
