12-03-2018 03:40 PM
Followed the "Detect Spoofed Email Message" article.
But when we get to Create a Message Filter using the CLI, we can't commit. When we go back to the mail CLI prompted we get "nothing to commit". Is there something special that needs to be done when ESA is clustered?
Solved! Go to Solution.
12-04-2018 03:11 AM
Hello,
Would you be able to share your session output when you try to add the filter?
Thanks
-Dennis M.
12-04-2018 03:11 AM
Hello,
Would you be able to share your session output when you try to add the filter?
Thanks
-Dennis M.
12-04-2018 08:51 AM
TAK replied to me within 10 minutes and pointed out that we just needed to hit enter a second time and then type commit.
The KB article needs to be updated. I added in red what needs to be added.
From KB.
mark_spoofed_messages:
if(
(mail-from-dictionary-match("VALID_INTERNAL_DOMAINS", 1))
OR (header-dictionary-match("VALID_INTERNAL_DOMAINS","From", 1)))
AND ((sendergroup != "RELAYLIST")
AND (sendergroup != "MY_TRUSTED_SPOOF_HOSTS")
)
{
insert-header("X-Spoof", "");
} (Hit Enter)
. (Hit Enter)
Hit Enter
Commit (Hit Enter)
12-04-2018 11:43 AM
Ah, the ol' missed commit. :) Thanks for the update and I'm glad you got it figured out. I'll make sure the article is updated ASAP to provide clarity on the steps.
Thanks!
-Dennis M.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide