Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1346
Views
0
Helpful
3
Replies

In ESA i want to block all spams , but this emails will be delivered to one email account as reference

Go to solution
mithun.ccie
Level 1
Level 1

‎08-06-2015 12:53 AM

Hi,

Can any one help me to configure spam prevention in ESA, so that i can drop the spams and one copy of the spams will be delivered to one email address?

 

Regards

Mithun Dey

Labels:
Preview file
120 KB
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Mathew Huynh
Cisco Employee
Cisco Employee

‎08-06-2015 05:42 PM

Hey Mithun,


I would suggest setting it to 'deliver' as you have setup as per screenshot. Delete the address in send to alternate host, but add a custom header like 'X-Positive-Spam' on the 'add custom header' field.

Once done submit this and go to GUI > Mail Policies > Incoming Content Filters

Add a new content filter

Order the content filter on the top of the list if you want this filter to take action first

Condition > Select "Other Header" and look for header X-Positive-Spam and use 'if header exists' rule on this

 

Action > Send Copy (BCC)  to the recipient you wish to send (Or you can select Notify -> Put in the custom recipient and tick 'attach original email')

Second Action -> Drop (Final Action)

Submit this content filter.

 

Go to GUI > Mail Policies > Incoming Mail Policies > Enable this filter on the policies you wish to have it done with.

 

Submit and commit changes.

 

Essentially the positive spam email will go through, get to this content filter, if header exists, it sends a copy/notify+attached original email to the specified address before dropping the original marked email.

 

Regards,
Matthew

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Mathew Huynh
Cisco Employee
Cisco Employee

‎08-06-2015 05:42 PM

Hey Mithun,


I would suggest setting it to 'deliver' as you have setup as per screenshot. Delete the address in send to alternate host, but add a custom header like 'X-Positive-Spam' on the 'add custom header' field.

Once done submit this and go to GUI > Mail Policies > Incoming Content Filters

Add a new content filter

Order the content filter on the top of the list if you want this filter to take action first

Condition > Select "Other Header" and look for header X-Positive-Spam and use 'if header exists' rule on this

 

Action > Send Copy (BCC)  to the recipient you wish to send (Or you can select Notify -> Put in the custom recipient and tick 'attach original email')

Second Action -> Drop (Final Action)

Submit this content filter.

 

Go to GUI > Mail Policies > Incoming Mail Policies > Enable this filter on the policies you wish to have it done with.

 

Submit and commit changes.

 

Essentially the positive spam email will go through, get to this content filter, if header exists, it sends a copy/notify+attached original email to the specified address before dropping the original marked email.

 

Regards,
Matthew

0 Helpful

Go to solution
mithun.ccie
Level 1
Level 1
In response to Mathew Huynh

‎08-11-2015 10:11 AM

Hello, 

Thank you very much for your support. It worked. I found some emails are not delivered dues to connection aborted , probably network issue ? Can you please help how to find the root cause of those incidents ? Only in case of incoming .

0 Helpful

Go to solution
Mathew Huynh
Cisco Employee
Cisco Employee
In response to mithun.ccie

‎08-11-2015 04:49 PM

Hey Mithun,

 

For incoming emails, if it's receiving aborted, please share with me a bit of the message tracking excerpt, you are correct, most of the time it is typically due to a network interruption occurring.

 

Thanks,

Matthew

0 Helpful
Customers Also Viewed These Support Documents