Looking for some help please.
I have a customer who is using C170 ESA and recently we had a mail with malicious content that usual is blocked, but got through.
Then I sent the mail myself from a test account with the same content and it was corre...
We are a cloud CES customer. I believe last night we were upgraded from 11.1.0-135 to 11.1.2-023.
Today we have reports of incoming email not matching an incoming policy that it previously did. The policy matches specific sender addresses. Wha...
Hello Forum, We have observed on Splunk that a user is sending emails from his own organizational mail address to himself (same mail address). there are 44 emails triggered in a time span of 5 mins and we monitor the traffic in Splunk through cisco i...
How do you configure DMARC in the Ironport Email Security Appliance? I have it on but according to other sites it seems more complicated then 'flipping a switch'. I mean sites say you should have a TXT dns record, and then there are also third part...
Which is the maximum email address that can be added to the Following Senders in a Policy Name.in box <textarea name="addressListsender" id="addressListsender" >...I need to block a lot of email addresses, @domains .(IOCs) For example, Can I add 300...
Can Cisco ESA able to take two headers, look at them, and make a decision in the context of Message Filters.
We are using
Cisco C100V
Cloud Email Security Appliance
Version: 11.1.2-023
Hello,
I am just thinking about CAPP and CES. These two technologies have some similar features and CES have even more of them over the CAPP. What is the positioning of these technologies? Which one of them i should propose the customer and under w...
Hello,
I would like to some enquire about below commands for daily operation.
Command: repengstatus
Command: sbsstatus
I would like to know as:-
1) How old does the engine need to be in order to determine for the update or verify the process on t...
Hello there, we have come across a bug in the message tracking tool on the gui. Timestamps are being shown wrongly where the actually last two entries are shown on the top. We are running the new Async 12.0.0-419 on a C100V. Has anybody else come acr...
Hi guys, It is necessary for a certain destination to only allow the entry of messages that come from a limited list of senders. Contact_example: if (rcpt-to == "(? I) contact @ example \\. Net") AND (mail-from-dictionary-match ("example_Dict", 1)) {...
HI Team,
I would like to have confirmation that is there is compatibility issue with NTLMv2 on Cisco IronPort ESA and my i have any configuration guide or steps for the same.
I believe NTLM configuration is more in WSA than ESA. So i just wanted ...
Hello all,
Is it possible within the email Message Tracking to filter based on which Mail Policy a message hit? There are lots of filters available, but I can't seem to find one that does this. I'm trying to cleanup our Mail Policies, as we have seve...
Does Cisco's cloud email security have the ability to search for a given MD5 to determine if it has seen it before? In addition, can you upload an MD5 or an email and determine if it malicious without having it in an email inbox?
Email users received spam email, directly to the inbox, iron port URL scanning display the below message 06 Feb 2019 06:55:15 (GMT -05:00)06 Feb 2019 06:55:15 (GMT -05:00)06 Feb 2019 06:55:15 (GMT -05:00)06 Feb 2019 06:55:15 (GMT -05:00)06 Feb 2019 0...
There is no public article available to describe on how certificate based authentication works for email relay with cisco ESA. General awareness of how certificate based or ldap based authenticate available but how that can be achieved with ESA no in...
