Email Security

Migrate from Secure Email Virtual C100V to Avoid McAfee-Related Issues

Important: Migrate from Secure Email Virtual C100V Models to Avoid McAfee-Related Issues Dear Valued Customer, We are reaching out to ensure your Cisco Secure Email environment continues to operate at optimal performance and reliability. As worklo...

SMA Message tracking, search email by the FROM header

How can I search in SMA Message Tracking for emails based on the FROM header? Aditionaly, the message tracking only shows up to 250 results, what if I need to know the total amount? for instance, how many emails where sent by an internal domain "xdom...

Resolved! Quarantine mails based on Threat Category

Is it possible to quarantine mails based on the threat category? I can see in the message details an entry "Threat Category: Phishing" and in the SMA I can search for them in the Sender Domain Reputation report also in the message tracking , but how ...

recipients email delivered but categorized as spam

Hi,we're facing a strange problem with our esa 11.0.3-251some of our users complain that some recipients did not get our mails.after checking the logs we found that some mails have been delivered correctly, investigating with the recipients we found ...

Resolved! Cisco Ironport ESA - Security Services / Scan Behavior - Impact on AV- & Spam-Scanning?

Hi, the administration guide for the ESA (v. 11.1) states: "You can control the behavior of body and attachment scanning, such as the attachment types to be skipped during a scan by configuring the scanning parameters. Use the Scan Behavior page or ....

TLS Required: How to bounce immediately on TLS error

Hi,we have some destinations in the destination controls that are set to "TLS required". Is there any way we can immediately bounce mails if TLS for these destinations is unavailable?We tried using a custom bounce profile for that, but that bounce pr...

AsyncOS 13.0

Any ETA for when this will become GA on ESA appliances? thanks

Resolved! Sophos Anti-Virus Engine update alert

Hi, We received an alert that the AV database on this system is expired. i tried to update it on GUI but it says the new update is not available. The installed version of Sophos Anti-Virus Engine is 3.2.07.377.1_5.70, on our ESA AsyncOS 12.5.1-037. ...

Weird CPU numbers on Virtual ESA

This ESA seems to be running fine, but the CPU numbers make no sense. Anti-Virus is actually disabled on this host. Anyone seen this? CPU UtilizationEmail Security Appliance: 10.0%Anti-Spam: 0.0%Anti-Virus:742.0%Reporting:0.0%Quarantine: 0.0%Over...

Feature requests for ESA/SMA ....

Hi there, I wanted to get a collection of missing or nice to have features started for ESA and SMA and hopefully we come up with a good list and get some attention and momentum from product management. Please feel free to comment on any of my feature...

compare envelope senders and message id headers in ironport

is possible to compare envelope senders and message id headers on ironport? I need this to prevent email spoofing. because a few weeks ago, I got an email with a different envelope sender and message id header in it.

SMA upgrade path from 12.5.0-658 to 13.5.0

We recently upgrade our virtual SMA server from 11.5.1-115 to 12.5.0-658. From the documenthttps://www.cisco.com/c/dam/en/us/td/docs/security/security_management/sma/sma13-5/SMA_13-5_Release_Notes.pdfseeing that the upgrade path is available from 12...

Resolved! Cisco C100V, C300V and C395 can't access via port:4431

After upgrading to Async OS to 13 version, it offers me "Email Security Appliance is getting a new look. Try it !" In the new tab it's trying to open CESA with 4431 port. It's trying open but at the end Error in below504 Gateway Time-outnginx Via Tel...

ESA - Work Queue

Hi Expert, How can i view which message in the work queue on outgoing email on ESA? Thanks

'Failed to connect to aggregator.cisco.com port 443: Operation timed out'

Dear allI get such notification form ESA'Failed to connect to aggregator.cisco.com port 443: Operation timed out' and I begun to capture packet. when I check the result in wireshark observed that syn message is sent but ack message not turns back. wh...

Unable to connect to the Cisco Aggregator Server.

Hi Dear, From today morning, I have received multiple alert , could you please how I can mitigate this alert. Unable to connect to the Cisco Aggregator Server.Details: (56, 'Received HTTP code 503 from proxy after CONNECT').Version: 12.5.1-037 Regard...

Email Security

Important Announcements

Cisco Secure Email Add-Ins No Longer Supported on Microsoft Outlook 2019

TLS 1.0/1.1 Deprecation from AsyncOS for Secure Email Gateway, Starting version 16.5

Forum Posts

Migrate from Secure Email Virtual C100V to Avoid McAfee-Related Issues

SMA Message tracking, search email by the FROM header

Resolved! Quarantine mails based on Threat Category

recipients email delivered but categorized as spam

Resolved! Cisco Ironport ESA - Security Services / Scan Behavior - Impact on AV- & Spam-Scanning?

TLS Required: How to bounce immediately on TLS error

AsyncOS 13.0

Resolved! Sophos Anti-Virus Engine update alert

Weird CPU numbers on Virtual ESA

Feature requests for ESA/SMA ....

compare envelope senders and message id headers in ironport

SMA upgrade path from 12.5.0-658 to 13.5.0

Resolved! Cisco C100V, C300V and C395 can't access via port:4431

ESA - Work Queue

'Failed to connect to aggregator.cisco.com port 443: Operation timed out'

Unable to connect to the Cisco Aggregator Server.

False Positive – SharePoint Folder Sharing Email Blocked

0-Day in ESA/SMA CVE-2025-20393

Periodic ESA and SMA configuration file

Config changes sync when reconnecting devices to cluster

Login Link

CSCws36549 - Reports About Cyberattacks Against Cisco ESA and SMA

Need help assessing my level of vulnerability to CVE-2025-20393

ESA: Validating DKIM-Signature failed if signing domain is uppercase

False Positive Email Deleted By Cisco Secure Email Threat Defense

Maximum allowed message size for S/MIM