Email Security

Migrate from Secure Email Virtual C100V to Avoid McAfee-Related Issues

Important: Migrate from Secure Email Virtual C100V Models to Avoid McAfee-Related Issues Dear Valued Customer, We are reaching out to ensure your Cisco Secure Email environment continues to operate at optimal performance and reliability. As worklo...

Inclue AMP Engine in message filters?

I currently have a rule to drop filenames x.ab, but i want to include AMP in the process without moving it to a content filter. I see there is an option for skip-ampcheck, but what is the opposite for that? scan-ampcheck or amp-verdict? Regards Che...

Resolved! 7Zip support for message/content filters in 10.0.1-087

Hello, I am currently testing a message filter that scans for javascript tags in various html files and for that also with various archive files. Last time I checked there was no support for 7z files with the attachment-binary-contains, but my tests...

CES Audit log

Hi Team,In the CES console for the audit log there is no option for check the administrative activities carried out to check what changes has been made by an administrative user. As per my research cisco.com it is not a configurable option.Can you pl...

phishing mails with HTML attachment

Hi, we received multiple mails with HTML attachments containing paypal or other banking phishing attempts, please find attached the HTML file in question. please let me know if the original mail is needed too. Those mails probably should have been ...

Resolved! Recommended SPF Content Filters

What are the recommended content filters to setup for responding to SPF?

Resolved! End user access to content filtered quarantine messages

Messages quarantined via a content filter can only be placed into the Policy quarantine, and not into the standard quarantine. As far as I can tell, this is the only option and this quarantine as far as I can tell can only be accessed by the Admins....

ESA 9x - ldap group query fail in content filters

Hello, ESA 9.x appliance working well with listener on LDAP query. policies use ldap groups and it works. I try now to check an ldap group sender in a content filter "matches ldap group". this never works. I tried a lot of diffferent syntaxes but no...

Resolved! URL Reputation

Hello, I am looking into using the URL Reputation for my inbound email. I have in enabled but not taking any action at this time. Is there a way to see what a specific email scored for URL reputation on the -10.0 to 10.0 scale? Thanks! Shawn

Quarantine for AMP unscannable

Hi Team,In the CES console when the AMP is not able to scan the attachment there is action of Deliver or Drop, customer wants to have quarantine action for these mails. As per my research cisco.com it is not a configurable option.Can you please advis...

message filter - for multiple IP - do no any security check

Hello, I want to do not any checks(email security) for multiple IPs. === ESA diagram==== Internet -- MTA(Other Email Security Gateway) --- MTA(Cisco ESA C690X) – Mail Server I entered [Message filter] for do not any security check 2.2.2.0...

Undeliverable mail settings

Hi there, when an email is undeliverable for one reason or another (unknown address invalid recipient, etc) I'd like to be able to include more information to the original sender. Currently they get back: The following message to <user@email.com> ...

Upgrading C370 from 9.7.1-066 to 10.0-203

Wanted to upgrade my appliances but I have some concerns about performance. In the release notes there is a Performance Advisory: RSA Email DLP • Enabling RSA Email DLP for outbound messages on an appliance that is already having anti-spam and anti...

"Add Sender to Safelist" after Release forces login to EUQ

2xC170's on 7.6.1-022 in a cluste and LDAP integrated to Active Directory. All authentication is working as expected, I've seen now issues.After a user clicks "Release" on a line item in their spam quarantine notification e-mail, the e-mail is relea...

How can I disable smart identifiers from triggering on headers / metadata?

We have IronPort encryption auto enabled for certain smart dictionaries like SS#, ABA Numbers, etc... and for the most part this works, however there are some false positives we need to work through. This is request is coming from an EVP of Marketin...

Resolved! TLS bit lenght/support check In C670 ESA

Hi Team, Would you please let us know how to check the TLS bit length and its compatibility with the different, bit length encryption standards/device in mutual TLS hand shake with other domain/environment .

Email Security

Important Announcements

Cisco Secure Email Add-Ins No Longer Supported on Microsoft Outlook 2019

TLS 1.0/1.1 Deprecation from AsyncOS for Secure Email Gateway, Starting version 16.5

Forum Posts

Migrate from Secure Email Virtual C100V to Avoid McAfee-Related Issues

Inclue AMP Engine in message filters?

Resolved! 7Zip support for message/content filters in 10.0.1-087

CES Audit log

phishing mails with HTML attachment

Resolved! Recommended SPF Content Filters

Resolved! End user access to content filtered quarantine messages

ESA 9x - ldap group query fail in content filters

Resolved! URL Reputation

Quarantine for AMP unscannable

message filter - for multiple IP - do no any security check

Undeliverable mail settings

Upgrading C370 from 9.7.1-066 to 10.0-203

"Add Sender to Safelist" after Release forces login to EUQ

How can I disable smart identifiers from triggering on headers / metadata?

Resolved! TLS bit lenght/support check In C670 ESA

Periodic ESA and SMA configuration file

Config changes sync when reconnecting devices to cluster

Login Link

message filters RegEx Error: "An error occurred during processing: \."

CSCwp83335y to Remove Calendar Invites When Remediating Meeting Emails

ESA: Validating DKIM-Signature failed if signing domain is uppercase

False Positive Email Deleted By Cisco Secure Email Threat Defense

Maximum allowed message size for S/MIM

CES Incoming mail content filter more than one subject

Add New Ironport Cluster Member