Email Security

Cisco Secure Email Upcoming Events

Getting Started with Cisco Secure Email Threat Defense Join us as our experts walk you through some of the fundamentals, key concepts, and outcomes of the Cisco Secure Email Threat Defense product. We will help you gain the insight needed to create a...

Resolved! Remote SMTP server never use 2nd MX record

Hello,I have 2 Ironport C370 in centralized management mode.2 MX records in my public DNS :10 frel01.xxx.xx [IP_Public_frel01]20 frel02.xxx.xx [IP_Public_frel02]Those 2 records work fine, I checked them with online tools (mxtoolbox....

Alter Reputation based on other factors

Hi,Recently I had an issue where a legitimate sender had their emails dropped on our gateway (C650) due to a poor SBRS reputation.I believe this is possible, but I'm not quite sure how so any help would be greatly appreciated.What I would like to do ...

Incident Response for Ironport

How to create incident response plan. If the Ironport device crash i.e. it is non-reponsive/ hacked/ unable to boot.

Finally using SPAM quarantine and want to know how many e-mails are being released

We have two C660s and one M660 and we are finally using the SPAM quarantine functionality on the M660 and so far it has been awesome. For my pilot group I have the spam thresholds set as low as recommended by the GUI at 50 (positive) and 25 (suspec...

Modify message tracking log size

Hi All,I would like to ask if it is possible to change the buffer size for the message tracking log so we could keep more historical message logging. Thanks.Product: C170Version of Ironport: Async 7.5Rgds,Jacky

Ironport - An application fault occurred: ('egg/message_queue.py rehydrate|425'

Hi,We have over the last 24 hours received messages like this:Critical: An application fault occurred: ('egg/message_queue.py rehydrate|425', "<type 'exceptions.IndexError'>", 'list index out of range', '[egg/message_queue.py filter|462] [egg/message...

Resolved! Upgrading to C170's from C150's

I am in the process of upgrading our two clustered C150's (os version 7.1.5-017) to two C170's. Our old appliances were built when we were on a Domino platform, but we have switched to Exchange 2010 in the last year. As such, the current config is ...

scp command failed to execute for log subscription in ironport

Hi we are using scp to transfer the mail log to remote server it was running fine till may 11, after that it failed to transfer the logs to remote server, when i search the system logs it shows:"Thu Aug 9 10:56:50 2012 Critical: Log Error: Push erro...

Add more outgoing IP's to C360

I have 3 different Mail-server setups which all relays through my Ironport C360.I have added the 3 different IP's in the "IP Interfaces" & "Listeners".Each Mail-server setup connects to their own IP and it appears that all is working fine.However whe...

reject mails content filter based (regex)

How can I reject incoming mails based on a regex?

Resolved! Policy quarantine questions

I'd like to perform lawful intercept on outgoing mails.But the requirement is not using keyword, rather, it is based on sending user email addresses.I can do the following, but I will need to update and keep in sync the dictionary.MonitorUserFilter: ...

Senderbase Network Server down?

On my two IronPort C660s I'm getting Senderbase Network Server down on Security Services > SenderbaseTrue?I think a lot of e-mail is getting rejected because we have if SBRS score is unavailable the e-mail sender is throttled quite a bit...

Link in body

Is there a way to block an incoming message that contains only a link in the body of the message?We have been receiving a lot of messages from clients where their computer or email account (primarily AOL) have been hacked and they are sending message...

Content filters for email img attachment > xxKb?

We've recently installed Ironport for email successfully and transferred a lot of our old rules from our content filtering system. One of our business's requirements is that we flag any images sent / received over a certain size. This, on our old sys...

Is there a document which defines all the logs which are logged by IronPort?

Hello Guys,I wanted to know if there is a document which specifies all the Email Security logs with the Event ID and the description. It will be a great help to meThanksAnanth

Email Security

Forum Posts

Cisco Secure Email Upcoming Events

Resolved! Remote SMTP server never use 2nd MX record

Alter Reputation based on other factors

Incident Response for Ironport

Finally using SPAM quarantine and want to know how many e-mails are being released

Modify message tracking log size

Ironport - An application fault occurred: ('egg/message_queue.py rehydrate|425'

Resolved! Upgrading to C170's from C150's

scp command failed to execute for log subscription in ironport

Add more outgoing IP's to C360

reject mails content filter based (regex)

Resolved! Policy quarantine questions

Senderbase Network Server down?

Link in body

Content filters for email img attachment > xxKb?

Is there a document which defines all the logs which are logged by IronPort?

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Escape & character in params using HTTP Request in XDR Workflow

Trusted Root Certificate Update - strange names

CES swap memory threshold alerts

Cisco security proxy page

IronPort C300V Alert

CISCO ESA de-commission queries

First Installation Virtual ESA 15.5.1

Ironport license name

Text Resource - Disclaimer Template Please enter content

CES integration query