Here is my output :
antivirusstatus SAV Engine Version 3.2.07.364.0_5.24 IDE Serial 2016050201 Last Engine Update 09 Mar 2016 03:54 (GMT +00:00) Last IDE Update 02 May 2016 06:20 (GMT +00:00) Version Product: Cisco IronPort X1070 Messaging Gateway(tm) Appliance Model: X1070 Version: 9.7.0-125
I had the same issue twice in the past, running ' antivirusupdate force' fixed it the first time.
The 2nd time it happened to me, it was because VM ESAppliance are using a different update servers than the HW ESAppliance, and this breaks when you have a cluster of mixed Virtual and Hardware appliances. If it's your case,
virtual ESA uses : update-manifests.sco.cisco.com:443
hardware ESA uses : update-manifests.cisco.com:443
In my case, it broke everything for a couple of days, until i realized they needed different dynamichost config ...
... View more
Hello, I'm trying to figure out how to handle a case that I have here with Spam Quarantine and invalid-recipient. Basically, when a mail is sent to an invalid recipient , my ironport boxes drops it (using smtp routes to /dev/null) for non existing aliases. But when this particular piece of mail contains spam, it get to spam quarantine before being dropped. And now, my spam quarantine is containing 1.5M emails and sending more than 180k mail notificication to most of the time invalid user. Is there ways besides ldap recipient checking to drop this kind of messages ? I checked the Trace message option, and it looks like the website sending this DHA have bad reputation. They are in my Throttled policy. What is the recommended setting for invalid recipient per hour for this kind of policy. Obviously, i'd like to drop the maximum amount of email coming from this IP Regards, Alexis
... View more