Cisco ESA, how to clean emails from internal domain

mariusz.sawczuk
Level 1

On ESA, I have two listeners configured on separate interfaces: Data1 - incoming, Data2 - outgoing, for processing incoming emails and outgoing emails.

ESA is processing incoming messages from the Internet to my email domain, and sending outgoing emails from my email domain to the Internet as well.

Now I would like to configure ESA so that it can receive internal emails from my email server (domain), clean them, and send them back to the same email server.

Of course I must reconfigure my email server so that it sends its internal email to ESA, but let's say I know how to do this.

But how to configure ESA?

To which interface (listener) should my email server connect and send emails?

2 Replies

Paul Cardelli
Level 1

Not a very standard configuration for an email gateway, but for starters, you may want to set up another listener for the internal-to-internal traffic. I'm thinking like a firewall configuration here, but I don't think this will work the way you want it to.

Another method that might be a little better, if you have the resources (VMware or something similar), is to set up another virtual appliance, use clusterconfig to make configuration much easier, and create a cluster group for appliances that will be filtering your internal traffic, while keeping your gateway appliance configurations focused on filtering incoming and outgoing e-mails. There are no extra licenses to purchase; you just need to set up your virtual appliance license file if you don't already have one.

Personally I use Exchange, and there are plenty of ways to filter and control traffic with transport rules internally, but you may have some specific requirements that require a little extra filtering.

Which type of listener (private/public) you would like to send your internal traffic to would also depend on the filter requirements. If it is just DLP and the like, as if you were sending it out to the public, then probably a private type of listener.

Paul Cardelli
Level 1

For more information on Listeners and advanced configurations you may want to take a look at the following document. It may help you to understand how ESAs were designed to run and see if there is a way to configure the listeners to meet them. There are some good diagrams and explanations a little above and beyond the user guides.

http://www.cisco.com/c/dam/en/us/td/docs/security/esa/esa7-6/ESA_7-6_AdvancedGuide.pdf