Email Security

Wrong logging on IronPort C300V

Hello, yesterday I noticed 1 thing:IronPort passed mail but in logs it's looking like rejected connection with a comment "Incoming connection (ICID 37639876) successfully accepted TLS protocol TLSv1.2 cipher ECDHE-RSA-AES128-GCM-SHA256.Can anyone exp...

Use ESA Appliance for other applications

Hello,can I use ESA-C195 for hosting another Cisco's applications?For example - Firepower Management Center etc.

EHLO Settings on Cisco C300V Email Security Appliance Virtual

Good Afternoon, Would someone be able to tell me if the EHLO\HELO settings on a C300V ESA are set at the machine level or cluster level?Also, where would we find these settings from the Web UI. We have an issue where it looks like an external sende...

Mail delevery issue

HI Dear, i have received multiple complain, When they send mail to a group in that group reciepeint count is 18 + and in CC aroun 35 ++. from that few people are not receiving mail. does any body help me here ? KR Moin

Incoming connection (ICID 49632) lost >> Message 50507 aborted: Receiving aborted

Hi, we are facing issues with incoming emails from some of the important domains, in the message tracking i can see after SPF check Pass, there is 5 min delay (Timeout for Unsuccessful Inbound Connections) and then connection lost error as below. the...

SDR Threat Categories

Hi,I've been playing with content filters based on SDR (Sender Domain Reputation). I can see that content filter allow me to filter messages based on general SDR score/verdict. If I do this, the log also contains an additional Threat Category, next t...

SMA Message tracking, search email by the FROM header

How can I search in SMA Message Tracking for emails based on the FROM header? Aditionaly, the message tracking only shows up to 250 results, what if I need to know the total amount? for instance, how many emails where sent by an internal domain "xdom...

Resolved! Quarantine mails based on Threat Category

Is it possible to quarantine mails based on the threat category? I can see in the message details an entry "Threat Category: Phishing" and in the SMA I can search for them in the Sender Domain Reputation report also in the message tracking , but how ...

recipients email delivered but categorized as spam

Hi,we're facing a strange problem with our esa 11.0.3-251some of our users complain that some recipients did not get our mails.after checking the logs we found that some mails have been delivered correctly, investigating with the recipients we found ...

Resolved! Cisco Ironport ESA - Security Services / Scan Behavior - Impact on AV- & Spam-Scanning?

Hi, the administration guide for the ESA (v. 11.1) states: "You can control the behavior of body and attachment scanning, such as the attachment types to be skipped during a scan by configuring the scanning parameters. Use the Scan Behavior page or ....

TLS Required: How to bounce immediately on TLS error

Hi,we have some destinations in the destination controls that are set to "TLS required". Is there any way we can immediately bounce mails if TLS for these destinations is unavailable?We tried using a custom bounce profile for that, but that bounce pr...

AsyncOS 13.0

Any ETA for when this will become GA on ESA appliances? thanks

Resolved! Sophos Anti-Virus Engine update alert

Hi, We received an alert that the AV database on this system is expired. i tried to update it on GUI but it says the new update is not available. The installed version of Sophos Anti-Virus Engine is 3.2.07.377.1_5.70, on our ESA AsyncOS 12.5.1-037. ...

Weird CPU numbers on Virtual ESA

This ESA seems to be running fine, but the CPU numbers make no sense. Anti-Virus is actually disabled on this host. Anyone seen this? CPU UtilizationEmail Security Appliance: 10.0%Anti-Spam: 0.0%Anti-Virus:742.0%Reporting:0.0%Quarantine: 0.0%Over...

Feature requests for ESA/SMA ....

Hi there, I wanted to get a collection of missing or nice to have features started for ESA and SMA and hopefully we come up with a good list and get some attention and momentum from product management. Please feel free to comment on any of my feature...

Email Security

Forum Posts

Wrong logging on IronPort C300V

Use ESA Appliance for other applications

EHLO Settings on Cisco C300V Email Security Appliance Virtual

Mail delevery issue

Incoming connection (ICID 49632) lost >> Message 50507 aborted: Receiving aborted

SDR Threat Categories

SMA Message tracking, search email by the FROM header

Resolved! Quarantine mails based on Threat Category

recipients email delivered but categorized as spam

Resolved! Cisco Ironport ESA - Security Services / Scan Behavior - Impact on AV- & Spam-Scanning?

TLS Required: How to bounce immediately on TLS error

AsyncOS 13.0

Resolved! Sophos Anti-Virus Engine update alert

Weird CPU numbers on Virtual ESA

Feature requests for ESA/SMA ....

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

“Email Security Appliance Bounce Verification” is “not requested”

Cisco ESA on VM become unresponsive after register smart license

CSCvi29672 - Implementation of Authenticated Received Chain for ESA

Blocking spam from various sources

cloud email security possible with ISE

Renew License in Cisco ESA

Message Filter to filter based on Incoming Mail Policy

ETD integration with ESA deployed on an on premise exchange server

Microsoft 365 and Destination Control settings

[WARNING: MESSAGE ENCRYPTED] not visible in the message tracking