SPAM filter setting for CRES secure e-mail

isddml_ironport · ‎10-15-2009

I am using Ironport strictly as an outgoing e-mail encryption engine. We use a different incoming spam filter (Barracuda). I would like to be able to go to the CRES site and send an encrypted message to our internal domain so users can establish their CRES credentials. However, the anti-spoofing rules on the Barracuda block the incoming mail because the domain it was from is our internal domain. I have whitelisted the mx-res.cisco.com address, 216.206.186.134, but I am still receiving block messages like below (I removed the actual e-mail address):

Your message did not reach some or all of the intended recipients.

Subject: Test 1
Sent: 10/15/2009 7:36 AM

The following recipient(s) cannot be reached:

(removed) on 10/15/2009 7:36 AM
The e-mail system was unable to deliver the message, but did not report a specific reason. Check the address and try again. If it still fails, contact your system administrator.
mx1.res.cisco.com #5.0.0 smtp; 5.1.0 - Unknown address error 550-'Blocked\x00\x006' (delivery attempts: 0)

First of all, are there other IP addresses I should be whitelisting for Cisco RES outbound e-mail mail servers? What else do I need to do? I don't want to turn of the anti-spoofing, due to the spam we would receive.

kyerramr · ‎10-16-2009

With the recent CRES upgrade IP address range used for mail delivery has changed. Please refer the below posting.

https://www.ironportnation.com/forums/viewtopic.php?t=1482

Best,
Kishore

isddml_ironport · ‎10-16-2009

Thanks. We will add these Cider ranges to our whitelist and test.