Getting Started with Cisco Secure Email Threat Defense Join us as our experts walk you through some of the fundamentals, key concepts, and outcomes of the Cisco Secure Email Threat Defense product. We will help you gain the insight needed to create a...
Forum Posts
I noticed in the ESA AMP report that almost all incoming files handled by AMP have status unknown. Is this indicative of a problem in the configuration or is that to be expected? Ony 13 malicious files were found over a 90 day period which seems extr...
I encountered a significant bottleneck on my c600v today. We had one address receive approximately 1000 emails over the course of an hour or two, and the work queue spiked to over 1000 and took several hours to clear out, causing significant mail sen...
HI I am having a Cisco SMA Running AsyncOS 14.0.0-404 and I trying to setup a certificate for the Webinteraces that are on the SMA. I can copy paste the certificate in PEM format fine, and I can past the Private key in PEM fine into the SSL session f...
Greatings, We are splitting some users (after a sale of a company branch) from our structure to a new e-mail domain. There are only specific users that we want to do so. Thought i had it nailed with an Incoming mail rule but i came across a problem. ...
Resolved! SMA offline - SMA upgrade
1) I want to know what happens to the emails that the ESA sends to the centralized quarantine in the SMA, when the SMA is offline.Are the emails deleted?Emails are queued at the ESA until the SMA is online?2)I have the SMA in version 13.0.0-277, and ...
We are in process of setup SAML on SMA virtual appliance with ADFS 4.0According to the bellow :Add a custom rule to include SPNameQualifier in the response. The following is a sample custom rule:c:[Type == "http://schemas.xmlsoap.org/ws/2005/05/ident...
Resolved! Statistics of TLS and Ciphers
It was suggested that we remove some ciphers on our ESA. After running sslconfig and verify to test our existing cipher strings, I see we have SHA1 ciphers. I would like to disable these, but it seems like we should first see if they are being used a...
Dear all, I was told that for email blast in ESA, we can setup up multiple connection. Presently we only setup one connection for email blast. Can anyone please help to assist on how to setup multiple connection? Thanks in advance.
Hi Team, Our customer has made us the following query: We have activated the SPF verification on incoming emails and we are seeing that many domains enter with SPF None validation, when we check that they have the DNS records for SPF allowing the cor...
Resolved! Queued messages above a threshold
Hello, I have an ESA cluster virtual. I would like to limit the outgoing mails. I would like the ESA to send specific number of mails per interval, but the remaining should be queued and not dropped. I see this option in Mail Flow PoliciesIf I enabl...
Hi, i'm dealing with problem with dictionary filtering. I add regex term to dictionary blocked_dictionary which is used in Default Policy because i need to filter all incoming mails. Regex term > \s(bc1|[13])[a-zA-HJ-NP-Z1-9]{25,39}\w Problem is, th...
I wanted to turn off getting notifications about quarantined emails sent to my email address as we have a shared email we use. I went to the DLP policy settings and removed the email address, but I am still getting the emails. Any ideas? We don’t use...
Hi, We have recently been trying to migrate from an SMA M680 (source) to SMA M395 (Destination), but we are experimenting some issues when executing the backup. When the task finish (after about 3 or 4 hours) at the end source SMA sends the followi...
Hello Everyone, I configured an SMTP LDAP Authentication profile on my ESA and assigned it to a private listener. The SMTP authentication is working properly if I disable the verification or only use monitor action in the profile. If I use reject act...
Resolved! Dictionary entries question
A phisher is trying to executive spoof with the title President & CEO | M&A Integration, Restructuring & Brand Repositioning If I add that as a term in Blocked_phrases dictionary, which is used by a Blacklist filter with a rule dictionary-match("Bloc...
