02-25-2010 10:45 AM
I have our C160 setup to use the external CRES service.
I have a outgoing Policy #1 (named Cisco-registered-envelope) which applies to a couple of LDAP groups. There is an associated content policy that has a condition of =="[SEND SECURE]" in the Subject Header, with the end/final action being Encrypt and Deliver Now.
I have a 2nd outgoing Policy which applies to everyone at "ourdomain.org" and has no content policies associated with it( Disabled)
For emails containing the correct "condition", the system correctly encrypts the email.
However, I get random encryption for outgoing emails that don't meet the "encryption" content policy.
When looking at the history details of one of the encrypted messages (that shouldn't have been) it lists:
Message 52241 matched per-recipient policy Cisco-registered-envelope for outbound mail policies
From a user standpoint, both policies include the same sets of users, it's just that the Policy (Cisco-registered-envelope) contains an outgoing content filter (named Email_encryption) with the required condition of =="[SEND SECURE]" in the Subject Header.
I don't understand what is causing the encryption rule to be invoked for emails not containing the =="[SEND SECURE]" in the Subject Header.
Current AsyncOS Version: 7.0.1-010
Thanks in advance for your help.
Kirk...
Solved! Go to Solution.
08-30-2010 06:32 AM
Kirk,
the problem lies in the subject rule being an regular expression, and the square brakets ( []) are special characters. You'd need to rewrite the condition like this:
"\[SEND SECURE \]"
After submitting, the result should look like this:
subject == "\\[SEND SECURE \\]"
And should work as expected. For an explanation, an expression like [ abcdef... ] will match any single letter within the brakets.
Regards, Andreas
07-13-2010 03:47 PM
Let me see if I have your configuration correct.
You have two outgoing policies:
1. LDAP-Group-match (if the sender belongs to this group, then this policy is applied to the emali
2. Default (catch all)....any sender not in the Group #1, then they will be assigned this Outgoing Mail Policy.
------
1. LDAP-Group-match.
There is an outgoing content filter that looks for the "flag", "Send Secure", in the subject. If it's there, then encrypt the message.
If the "flag", is not there, encryption does not occur.
2. Default (catch-all)
No encryption should occur for emails assigned to this outgoing mail policy since the "outgoing content filters" are disabled.
-------
If the above statements are correct, then I think the messages that are getting encrypted are some how matching outgoing policy #1 and that content filter.
If you can still find the MID output for those "incorrectly" encrypted messages, you should see a place that shows which "outgoing mail policy" was assigned to the message. If you need assistance on this, please obtain the MID for that message and paste the results in this thread and I'll see if I can help.
Cheers,
Kevin
08-26-2010 11:12 AM
08-30-2010 06:32 AM
Kirk,
the problem lies in the subject rule being an regular expression, and the square brakets ( []) are special characters. You'd need to rewrite the condition like this:
"\[SEND SECURE \]"
After submitting, the result should look like this:
subject == "\\[SEND SECURE \\]"
And should work as expected. For an explanation, an expression like [ abcdef... ] will match any single letter within the brakets.
Regards, Andreas
09-22-2010 09:47 AM
Has anyone successfully used the “Sensitivity: Company-Confidential” option by modifying the .xml file? I have edited per the documentation but when I look at the message headers, I don't see a "Sensitivity" header being added to the message.
09-27-2010 06:09 AM
Hello Corey,
the"Company-Confidential" header, as I know, is added by Outlook
http://office.microsoft.com/en-us/outlook/HP052428801033.aspx
You could then create a content filter matching for this header as a condition, and ",Encrypt and Deliver Now" as action. Is it that what you are looking after?
Regards,
Andreas
09-27-2010 10:28 AM
I believe that is the same header that the documentation was referring to. Supposedly you
can tweak the Ironport .xml file on the user's PC and Ironport Outlook plugin will mark that header for the end user (rather than prepending SEND SECURE) and the filter on the appliance will encrypt the message. I tried modifying the xml file but when I view headers on the message but I don't see that it is being modified. I'm just curious if anybody had gotten it working or if it was buggy. Thx.
09-27-2010 02:49 PM
It would also be nice if the Outlook Plug-In checked to see if the string already exists in the e-mail. We have a lot of e-mail going through with the subject line being [Send Secure] Re: [Send Secure] [Send Secure] Fwd: [Send Secure]. Or something like that.
Long live the Iron Nation!
Jason Meyer
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide