I want to block all domains that end in .bid, .top and others.  I'm ok if they never make it to the various engines for processing and are dropped during the initial SMTP handshake.  How best to accomplish? I put .bid in the RAT with a reject, but I'm seeing .bid emails come thru.  Rather not have to play whack-a-mole.   Thank you for any insight. ... View more

I am constantly getting this warning on my C170 ESA: The Warning message is: 75% of the disk quota for Miscellaneous services(logs, configuration file, and so on) is used. You can either increase the disk quota for Miscellaneous services or manually free up space used by Miscellaneous services. Version: 9.7.2-131 I have increased the available disk for Miscellaneous services, but the System Files Usage is increasing exponentially while the user files is static at < 1Gb.  I've logged in and deleted old log files, but it is this System File that appears to be the issue. Is there a way for me to reduce the System Files Usage?  It doesn't appear I have access to it and my Ironport is near or at capacity.  I cannot increase the log file size any more than it already is. Greg ... View more

C170 ESA Ironport: So I created a disclaimer on our inbound network listener that brands every email coming thru that listener with a warning that it comes from outside the org. However, that now breaks smime encrypted email that I get from my IPS/IDS monitoring service.  Any suggestions on how I can remedy this situation?  The supposition is that my ESA breaks the email by either putting the disclaimer on it or trying to.  The email I end up getting just contains the text version of the disclaimer, and the error message I get when clicking the smime.p7m file is " This file cannot be previewed because there is no previewer installed for it ".   ... View more