cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
586
Views
0
Helpful
0
Replies
Participant

SMTP_COMMAND_OVERFLOW from Cisco ESA Cloud

Our FMC server is constantly detecting this intrusion (SMTP_COMMAND_OVERFLOW) from the same host which is our cloud-based Cisco ESA appliance.

How should I deal with this?

My inclination is to trust this host, but not sure if I should just whitelist the IP or what?

Looking for some guidance on this?

Is there a way to have this host bypass ONLY this detection but still leaving it in play for file/malware inspection?

Thanks in advance.

NM