Email Security

Cisco Secure Email Upcoming Events

Getting Started with Cisco Secure Email Threat Defense Join us as our experts walk you through some of the fundamentals, key concepts, and outcomes of the Cisco Secure Email Threat Defense product. We will help you gain the insight needed to create a...

Resolved! Black List

Does dash "-" have special meaning in Ironport black listing domains? (Hat Overview => Sendergroup (blacklist) ) ? Such as i put in " .bad-email.com". Will the dash email cause issues or it will match that domain exact? Thanks.

Resolved! Grep Ironport mail logs

Hello, Today I've tried to grep mail logs and I only received logs from today. There is no way to get logs from yesterday or from the specific date. Yesterday everything worked. Do you have any idea? Regards

Resolved! Bypass AMP

How would I configure Ironport to bypass File Analysis for specific domains that sends us email continuously with attachments? File Analysis is configured to Quarantine and I see file get backed up in the quarantine pending File Analysis. I would l...

Block Office documents containing macros

Is there any way to block office document types that contain macro's in this? The most recent cryptolocker variant (Locky) contains macro's which makes it more challenging to intercept. Blocking all office document attachments entirely isn't consid...

ESA Protection Against Petya Ransomware

Please note that there has been a new Talos blog posted regarding today's outbreak of the Petya Ransomware, which can be found here : http://blog.talosintelligence.com/2017/06/worldwide-ransomware-variant.html. While email is still being investigate...

The Critical message is: An application fault occurred:

The Critical message is: An application fault occurred: ('session/CoroSessionContainer.py __getitem__|359', "<type 'exceptions.KeyError'>", "'sha256'", '[util/Aquarium.py screenLoop|413] [util/InternalLibrary.py inverseExtend|328] [util/InternalLib...

Resolved! Ironport ESA : post reboot - dose ESA will join cluster automatically?

Hi There, Setup is cluster of virtual ESAs : We have VMs to be moved on new ESX hosts, hence couple of ESAs ( from cluster of four) has to be shutdown and then same will be switched on once VM movement completes. So my question is : Does ESA joins cl...

Resolved! Throttled messages

Hi all, just a question/doubt: all throttled messages by suspectlist are definitively lost? Or there will be a sort of re-send of those messages? Thanks

ESA licensing

Hi there, can someone tell me if my ESA will continue to process email if I do not renew the licenses for "Inbound essentials bundle" and email "McAfee anti-virus" please? We're in the process of migrating users mailboxes to office 365 and have upda...

After upgrade, quarantining more items than usual

Good Morning, We recently upgraded our ESA to version 10.0.0-203 from 9.6.0-041 in preparation for migration to Email Cloud Security. Since the upgrade, we have noticed a tremendous upswing in the number of emails that have been marked "Encrypted". ...

ESA | How to block PPSX File

Hi Team, We would like to know to block ppsx file in ESA?

Understandig mail_logs and local_mail_logs

Hi all, which is the difference between mail_logs and local_mail_logs? and why if i do a centralized mail tracking from the gui i found, for example, tracking logs from 06/22 to 06/22 and i cannot find the file pointing to this date. Thanks in adva...

How to bypass Ironport System setup wizard

Hello, We are installing many appliances; for this we prepare configuration files, and then load them. However it seems we can't avoid to go through the system setup wizard: is there a way to avoid to run this, and go directly to the configuration fi...

Resolved! How to test DKIM and bounce verification

Hello, I have just configured one ESA C390 and I need to test if DKIM is working properly, but don´t know how to do this. Could you help me? Also I have to to test the bounce verification profile with a customized text. We are sending a mail from th...

Resolved! Block attachment file with hidden attachment

Dear All Recently i found out that mail gateway is getting some mail which have attachment and with that attachment there are some hidden link if you click that link it will take you to another link where a .js or exe file will be downloaded is ther...

Email Security

Forum Posts

Cisco Secure Email Upcoming Events

Resolved! Black List

Resolved! Grep Ironport mail logs

Resolved! Bypass AMP

Block Office documents containing macros

ESA Protection Against Petya Ransomware

The Critical message is: An application fault occurred:

Resolved! Ironport ESA : post reboot - dose ESA will join cluster automatically?

Resolved! Throttled messages

ESA licensing

After upgrade, quarantining more items than usual

ESA | How to block PPSX File

Understandig mail_logs and local_mail_logs

How to bypass Ironport System setup wizard

Resolved! How to test DKIM and bounce verification

Resolved! Block attachment file with hidden attachment

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Licensing my virtual ESA appliance

Cisco security proxy page

IronPort C300V Alert

Expired feature keys in Cisco Secure Email Solution Lab v2.2 in Dcloud

SMA problem upgrade

Ironport license name

Text Resource - Disclaimer Template Please enter content

CES integration query

Firmware update package Cisco IMC CVE-2024-20295 CVE-2024-20356

Grouping content filter condition criteria