Email Security

Cisco Secure Email Upcoming Events

Getting Started with Cisco Secure Email Threat Defense Join us as our experts walk you through some of the fundamentals, key concepts, and outcomes of the Cisco Secure Email Threat Defense product. We will help you gain the insight needed to create a...

ESA | Stopped by Reputation Filtering

Hi Team: I am trying to determine why a particular partner of ours is being blocked total attempted 500+ messages in. Out of about 597 attempted messages, 384 are being stopped by reputation filtering. Is there something I can view in the logs to de...

How to Filter the Bounce Verification Address

Currently i have issue that the sender address with Bounce Verification tags was hit our SPF Content Filters. E.g, Sender : prvs=joe=123ABCDEFG@example.com We would like to exclude this. Can someone advise how to filter this Thank you in advance ...

Incoming content filter - ESA

I have created a content filter and having few questions. Also, please find the attachment for reference.1. How to make it as case insensitive.2. I have tested this content filter by using "Trace" option in GUI. But, I am unable to see the Action of ...

FP attributed to .online domain

I'm running my own mail server on the domain: hexspoor.online Unfortunately suddenly i'm experiencing delivery problems whenever i try to send mail to organizations that use IronPort. My logs indicate that the messages are sent and accepted, but they...

Resolved! ESA Virtual Appliance LDAP Issues

I am currently testing the ESA virtual appliance, and I am having an issue with the LDAP setup. Now I have multiple other systems that use LDAP and they are working without with the same account so I do know that LDAP is working. I use the wizard t...

Emails with Japanese charcters being dropped by CASE

We are using the Cisco cloud based version of the ESA for email security. I have noticed lately that it seems like an unusally high amount of valid emails are being dropped by CASE. It seems to be happening more with emails from our Japan customers...

What is the control to detect spoofed sender IPs?

Could you please answer to below question: What is the control to detect spoofed sender IPs in IronPort?

How to upgrade certificate of Management appliance from SHA1 to SHA2

We are using M1070 in our email infrastructure and would like to upgrade the certificate from SHA1 to SHA2. Could you please suggest on how can I proceed further?

HAT WHITELIST No Content Filter

Hi everyone, Is anyone here tried that WHITELISTED IP sender under HAT has no Content Filter insoection? I was thinking on how to do this. All the incoming Mail (WHITELIST and UNKNOWNLIST) falls to DEFAULT policy. The UNKNOWLIST need to be scanned by...

Resolved! IronPort C170 - View Custom Certificate Authorities - page can not be displayed

Hello Community, we run a IronPort C170 cluster. When in the menu "Edit Certificate Authorities" i am not able to view the Installed certificates with the < View Custom Certificate Authorities or View System Certficate Authorities > link. Any time i ...

Resolved! SMA import Safelist/Blocklist

Hello, i faced the following question - when you import ESA devices in SMA for central management and quarantine the Safelist/Blocklist normally are not migrated. Am i right? Is there a way to import the safelists/blocklists in easy way or i have to ...

What steps are necessary on the SMA when we RMA an ESA

Se have a management appliance providing message tracking and reporting for our multiple ESA appliances. We are in the process of replacing an ESA that is failing via the RMA process. My question is what steps do we need to do on the management app...

Resolved! How to specify sender exception for content filter

Hello, I've created a incoming content filter to quarantine email if the SPF verification fail: SPF_Verification_Fail: if (spf-status == "fail") { quarantine("SPF_Verification_Fail"); } However, there are some trusted emails which are fail the SPF ve...

Regular Expression Credit Card Filter

I've been playing around with filters for credit cards and have yet to find one that stops all credit cards while limiting false positives because it is matching any random 16 characters.I need one that blocks all amex, visa, mc, and discover without...

Resolved! ironport email security custom setting for email and to view .enc or .raw file.

HiUsing Iron Port email security plugin - Reporting only. version 7.6I need to do some customization for install.due to other factors... i need to be able to customize the spam button to send to multilple email addresses. i see where to set it but u...

Email Security

Forum Posts

Cisco Secure Email Upcoming Events

ESA | Stopped by Reputation Filtering

How to Filter the Bounce Verification Address

Incoming content filter - ESA

FP attributed to .online domain

Resolved! ESA Virtual Appliance LDAP Issues

Emails with Japanese charcters being dropped by CASE

What is the control to detect spoofed sender IPs?

How to upgrade certificate of Management appliance from SHA1 to SHA2

HAT WHITELIST No Content Filter

Resolved! IronPort C170 - View Custom Certificate Authorities - page can not be displayed

Resolved! SMA import Safelist/Blocklist

What steps are necessary on the SMA when we RMA an ESA

Resolved! How to specify sender exception for content filter

Regular Expression Credit Card Filter

Resolved! ironport email security custom setting for email and to view .enc or .raw file.

Congratulations to the Event Top Contributors Class of 2024!

Cisco + Splunk: It's a new day for your data.

A new chapter of the Spotlight Award begins!

Join us in Celebrating the New Year and the Nov.-Jan. Winners!

Announcing Resources That Guide You to Success

Cissco Ironport "virus detected messages empty"

Modify Cluster configuration Ironport C195

Cisco ESA - SMTP authentication best practice

Cisco ESA LDAPS error on Active Directory

DMARC Aggregate Report is missing

merge two different clusters into one

What Information SMA Collect from ESA?

mail_logs / E-mails released from quarantine

Weak TLS ciphers detected by a Qualys scan and not used in SSLCONFIG

Creating a dictionary of domains