Email Security

IronPort outgoing suspected spam mark as spam

Hello! I have Outgoing Mail Policy and Outgoing Content Filter on IronPort. Outgoing spam message dropping. Outgoing suspected spam message deliver. When user gets incoming suspected spam message and want forward the suspected spam message - Ironp...

Resolved! Reporting on C100V

Hello, I am fairly new to the Ironports and I have a Cisco C100V Email Security Virtual Appliance. We have actually deployed four in our environment and they are clustered together. What I am looking for is a way to combine the reports for incoming...

ESA C370s - Upgrade to AsyncOS 10.

Hey All, We have 2 ESA's C370's in a cluster. I noticed that AsyncOS 10 is currently out. Would we be ok to upgrade our C370's to AsyncOS10 ? THey are currently Running 9.7.1. I am asking because of this : Supported Hardware for This Release • All ...

C100V

Dears, We've deployed C100V ESA Cloud, but we are sending a lot of emails with no sender to recipient ams0 ? the public sender shows our mail boxes public IP! does anyone hear about this domain? regards, Mustapha

Resolved! Warning <System> ironport.company.com: Error connecting to cluster

Hi, Could someone please shed some light on the meaning of the following warning message. I've check the cluster status (two C170's) and everything is sync'd and communicating. The Warning message is: Error connecting to cluster machine company.c...

On prem ESA and Office 365

Good Morning, In the process of migrating from our current mail system to O365. We will be keeping our MX records on the On Prem Cisco ESA and all messages Inbound/Outbound will go through it. We will be looking to move the ESA to the cloud, but ou...

Reason: 4.4.2 - Bad connection ('000', ['TimeoutError']) []

Hi,can anybody help me.I saw this error while i show detail on message tracking. the email is not sent to address.pls help.

Resolved! IronPort LDAP Lookup Email Enumertion

We have a cloud-based IronPort ESA and we perform LDAP lookup on all incoming mail. The problem we are having is that we want to turn off the NDR that is generated from the IronPort when an email is sent to a non-existent email address. In other wo...

Resolved! finding out what item in a dictionary is firing?

Hi, We have an incoming content filter that is used to quarantine suspicious mails, based on Attachment name, sender, and body content dictionaries, as well as a couple of other items. These have grown over time, particularly with the recent macro ma...

Ironport - File reputation question

Hi, Enabling the File reputation but not the File analysis would make the ironport to upload all the files to the cloud? On the documentation it says enabling the file analysis makes the devide upload the file for further inspection but I'd like to k...

ESA - AMP Reporting: Total Items scanned?

Does anyone know if there is a way to get the total number of items scanned by the AMP feature aside of getting the number of items AMP actually stopped? I've looked through a number of the console screens but none seem to give that indication of tot...

Trying to filter specific "irsxxx.doc" attachments - not working

We are receiving a bunch of "irsxxxx.doc" attachments with x = random numbers. (example: irs62662.doc) I've tried setting several filters to strip and quarantine these attachments, but it: * either doesn't work at all * strips any attachment with t...

out of office messages not being delivered to external senders

A bit of an odd situation. We are migrating to a cloud email provider. For our early test users, email from external users comes to our ironports, flows through to exchange, then exchange forwards it out (through ironport again) to a shadow domain th...

Quarantine email recipient starts with 10

Hi, I created an incoming filter to quarantine an email recipient starts with 10, for example 109123@domain-y.com Recipient_Start_With_10: if (rcpt-to == "^10") { quarantine("Policy"); } I tested the filter and works fine. But, there are some email...

Resolved! Transfer ESA logs

Hi, I just install a new ESA to replace to old one. I would like to import the old logs to my new ESA. Can some body let me know the procedure. Thanks.

Email Security

Forum Posts

IronPort outgoing suspected spam mark as spam

Resolved! Reporting on C100V

ESA C370s - Upgrade to AsyncOS 10.

C100V

Resolved! Warning <System> ironport.company.com: Error connecting to cluster

On prem ESA and Office 365

Reason: 4.4.2 - Bad connection ('000', ['TimeoutError']) []

Resolved! IronPort LDAP Lookup Email Enumertion

Resolved! finding out what item in a dictionary is firing?

Ironport - File reputation question

ESA - AMP Reporting: Total Items scanned?

Trying to filter specific "irsxxx.doc" attachments - not working

out of office messages not being delivered to external senders

Quarantine email recipient starts with 10

Resolved! Transfer ESA logs

CSCvi29672 - Implementation of Authenticated Received Chain for ESA

Cisco Secure Email Gateway Log Subscription

Firepower now blocks legitimate SMTP Traffic

The mcafee was restarted due to an error.

obtain classic PAK licence for c195 / where to get a temp 10 day key?

CSCun25517 - Feature Key Grace Period is not effective

can you recommend me a cisco online shop for this licence

Overall CPU usage is above the configured threshold.

Whitelist sender IP addresses in Cisco ESA

Renew License in Cisco ESA