Email Security

Migrate from Secure Email Virtual C100V to Avoid McAfee-Related Issues

Important: Migrate from Secure Email Virtual C100V Models to Avoid McAfee-Related Issues Dear Valued Customer, We are reaching out to ensure your Cisco Secure Email environment continues to operate at optimal performance and reliability. As worklo...

Error or Reply with "User unknown in virtual alias table"

Recently some of my user are getting following error" Reporting-MTA: dns; MyIronPort.MyDomain.comFinal-Recipient: rfc822;x.y@abc.comAction: failedStatus: 5.0.0 (permanent failure)Remote-MTA: dns; [1.7.21.8]Diagnostic-Code: smtp; 5.1.0 - Unknown add...

Resolved! ESA C390 Default Disk Management Values

Hello, Can some one help me to understand the default disk management values for ESA C390 appliance?. I am looking for something like the attached. Regards Shabeeb

Resolved! ESA does not extract ACE Archives

Hello, last week we received a wave of email with ACE archives. This archives contained a malicious EXE file. Only the ACE files was scanned by AMP but the archive was not extracted to scan the content. As far as I know, archives should be extracted ...

Access logs issue for long time session

Hi,I noticed that in my access logs, some entries have a very high value in the "time-taken" field (several days or weeks). That means I only see the logs concerning these connections after a very long time as log entries is written when session is c...

AMP File Analysis service (ThreatGrid Cloud)

Hi, We are using ESA along with AMP File Reputation and File Analysis with ThreatGrid Cloud for incoming mails only. We noticed that the bounce back - "Undeliverable" emails with attachments are also scanned by AMP. Is it really required and normal b...

Resolved! ESA C190 two interfaces ( DATA 1 & DATA 2)

I am trying to install new ESA c190 for first time but there is only one default gateway and customer wants an interface (DATA2) for internal and external SMTP traffic along with "DATA 1" interface as dedicated Management interface and I don't se...

Cisco ESA - BCC all incoming emails

Hallo Forum, i want to configure an Incoming Rule for one recipient to forward all clean incoming mails as CC or BBC to an O365 account and also to the productive Notes system behind the CISCO ESA. Is it possible the configure such a rule? Also the...

How does SMA send alerts

Hi I have seen few discussions about this topic, but all remain unanswered. How does SMA/ESA/WSA send alert emails? When we type "alertconfig"it allows us to configure the "FROM" address and the mail recipients that will be receiving the alerts and a...

How to enable web administration from CLI

Hi There, I have recently replaced a Management device due to H/W failure at a remote site. Am able to access the device from CLI whereas GUI is not connecting. How to check & enable the http/https access. Thanks, Logan

Resolved! Message Tracking URL tab

With our old appliances, C370 build 11.0.0-267, we had a URL details tab inside of message tracking. Screenshot included. This showed up for any messages grabbed by our Malicious URL filter. On our new appliances, C390 build 11.0.1-027, this tab is n...

Resolved! Is AsyncOs 11 fully stable for C190?

Has there been any updates on how stable version 11.0.1-027 release is for C190? I remember version 11 not being available for C190 until a couple of months ago (based on a previous post), but even then the hot patch released did not fully fix the ...

Resolved! Quarantine Unknown Files Until AMP Reaches a Verdict

Is it possible to quarantine an unknown file until AMP reaches a verdict. I currently have the incoming mail policy for AMP to quarantine messages that are pending file analysis. In the file analysis quarantine, I have the default action to retain fo...

Resolved! Help! Content filter with Dictionary checking

By default, my company will block all mail from gmail.com, yahoo.com & hotmail.com. I have created 2 dictionaries for this issue: 1) Exceptional email address list which allowed to send mail to us. 2) VIP list who can receive email from these 3 domai...

Mail Policy, Content Filter, whiitelist sender address group(s)

Hey Guys, Pretty simple question here. But hoping someone can just tell me the answers. 1) Mail Policy - This Is used to manage how message are sent/received from/to a specific user or domain right? 2) Content Filter - This is used to select "Wha...

MID xxxxxxx cannot be scanned by CASE. The message is either malformed or CASE is unable to process it at the moment.

Getting lots of critical error since 14 Dec 2017 from several of our Ironport ESAV appliances: Critical: MID xxxxxxx cannot be scanned by CASE. The message is either malformed or CASE is unable to process it at the moment. ESAV appliances are C30...

Email Security

Important Announcements

Cisco Secure Email Add-Ins No Longer Supported on Microsoft Outlook 2019

TLS 1.0/1.1 Deprecation from AsyncOS for Secure Email Gateway, Starting version 16.5

Forum Posts

Migrate from Secure Email Virtual C100V to Avoid McAfee-Related Issues

Error or Reply with "User unknown in virtual alias table"

Resolved! ESA C390 Default Disk Management Values

Resolved! ESA does not extract ACE Archives

Access logs issue for long time session

AMP File Analysis service (ThreatGrid Cloud)

Resolved! ESA C190 two interfaces ( DATA 1 & DATA 2)

Cisco ESA - BCC all incoming emails

How does SMA send alerts

How to enable web administration from CLI

Resolved! Message Tracking URL tab

Resolved! Is AsyncOs 11 fully stable for C190?

Resolved! Quarantine Unknown Files Until AMP Reaches a Verdict

Resolved! Help! Content filter with Dictionary checking

Mail Policy, Content Filter, whiitelist sender address group(s)

MID xxxxxxx cannot be scanned by CASE. The message is either malformed or CASE is unable to process it at the moment.

Migrate ESA Cluster to new Hypervisor

certificate in onpremises ESA and TLS

I would like to change my email address at https://id.cisco.com

Defend against unsolicited calendar invite emails from Google

API for connection details does not return any result

ESA DNSBL, Spamhaus return code 127.255.255.254 considered as "MATCH"

Certificate Signing Request for ESA

quarantine notification - questions

CES - SDR

Cisco ESA Cloud Gateway C100v grep for user who blacklisted domain