Restrict Incoming and Outgoing email and allow certain emails

Joe Martino · ‎03-10-2021

On Cisco ESA. I need to create a policy that will allow users to send to only certain email addresses. I am controlling the incoming with Exchange but I would like to control the outgoing with Cisco.

Requirements:

- Allow sending to only predetermined Vendor emails/domains
(Block any other emails to external and only allow certain email/domain)

Thank you all!

Joe Martino

Ken Stieers · ‎03-10-2021

You can do it pretty much like you do incoming mail.

Create an outgoing content filter that drops has one action, drop mail.

Create an outgoing policy ("allowed") with your matching internal users as senders AND their external recipients, set it up do whatever filtering you need

Create an outgoing policy below the allowed policy with your matching internal users, turn off all filters, etc, except the one content filter that drops mail.

Joe Martino · ‎03-15-2021

Hi - Thanks for the reply. I tried this and it isn't working. The blocked needs to be under the "whitelist"? or over?

1. Whitelisted

2. Drop

3. Default.
:"

Ken Stieers · ‎03-15-2021

The white list goes first.

For the drop policy everything off except the one content filter that drops mail (no need to the work if you just throw the mail away).

In the whitelist policy, it should look like this:

On the left, your list of users, if you have AD, you can use an AD group (assuming you did all of that LDAP setup)

On the right the companies they can send to. Make sure that the all ONLY IF ALL CONDITIONS MATCH is chosen.

SamantaKreyg78143 · ‎03-16-2021

Thanks, it was helpful foe me.