Email Security

Hi,   in our setup all incoming and outgoing mails are going through an ESA cluster. I tried BATV, which leads to the problem that all outgoing mails are tagged for BATV. The problem now is we're allowing mail forwards (without SRS). Therefore mails ...

Hi,   I have a notification template where i am logging certain fields of the message headers. I have no issues with the default ones like $from, $subject. But am trying to pull fields that don't have a defined variable using the $header[‘string ’] f...

I have one query regarding ESA deployment; Does ESA provide the capability to protect internal customer email traffic (meaning traffic from user1@example.com to user2@example.com). We are able to send the email from local to other domain through ESA....

Hi all,i need to track ALL possible informations about who changed what on ESA.I've enabled history logs, but it only shows a brief description, aside with the username.I've digged into gui_logs or system logs but if the user doesn't make a comment o...

Hello all, until which operation in the ESA workflow (emailrep.-> MaliflowPolicy -> AcceptanceControl -> AS/AV -> Filereputation -> ..) is the connection from the sender on hold (Pre-Queue- Filtering)? Or when does the sender get the final "250 ok" i...

Hello to all, Just a fast question.We are planning to migrate the current SMA server for the management of Ironport equipment, from the current M100v to an M300v.Would the license allow this model upgrade? Do you know if the configuration of a model ...

Hey,I want to compare fields like this: if(header('To') != rcpt-to) { drop(); }   But I receive error message saying that 'rcpt-to' is not STRING. How can I overcome this issue, as I assume bot of these should return string. Or if not, atleast some u...

hi there, was just asked to create a possible block for email in regards to the most recent Apple IOS IOC's.It has been running now for 2 hours and already caught one "bad" email adressed to an IPhone user. AppleIOSTextDetectv2: if recv-listener == "...

Hi,today we started evaluating the ESA AMP File Reputation service. I was really surprised to find that the only options available to deal with malicious emails are "drop" and "deliver as is". No quarantine. Why, Cisco. Why? :-/Surprises aside, there...

Hello, We would like to get SSO working for logging into SMA. We currently have is setup for Spam Quarantine in SMA but would like to get it working for the Administrative side. I followed the instructions that were provided in Ver 13 for ESA SSO, ch...

I need to know if it is possible to use TLS for outgoing mail by using a content filter and maybe mail flowpolicy ?I'm aware of destination controll how it works for outgoing mail.An example, if I have outgoing mail with header "important" I would li...

Hi everyone I hope you can assist me here, we have been utilising CRES for several years successfully using the content filter option for activating the option for senders, however I have been asked about the functionality that is mentioned in the bl...

HelloHow dose virtual gateways works in a ESA Cluster?  Can you use one gateway att cluser level  and it applies to both machines?Or do you need to have one gate and Ip per unit? Regards//Andreas