Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
On our C series ESA Ironports, we have set up a bonded interface using interfaceconfig on the CLI so that they can have a redundant failover interface.However our new M series SMA (running AsyncOS8.0.1) do not appear to have the bond option in the in...
So, we're thinking of getting a pair of M1070 Management Appliances to work with our cluster of C360 mail appliances (AsyncOS 7.6).It is not completely clear (a) which things can be centrally handled, and (b) which things can be handled in a redundan...
We're starting to get malicious content embedded in RAR files attached to emails. This shouldnt be a problem as we have a policy to quarantine any emails with executable attachemnts coming in.It appears that, although the Ironport recognises the .ra...
Obviously, this means that a TLS connection with certificate is required, and that the certificate should not have expired.However, does it also check the certificate name? If so, against what?I've a problem because a 'Required,verify' is failing to...
I am ahaving a problem with the behaviour of rate limiting (throttling) on the Ironport.According to the manual, you specify a rate limit of x messages per hour against a HAT Policy, and this is applied per-IP Address for the relevant HAT group(s).Ho...
I can't say for certain, but this looks very much like a form of bounce-validation being implemented by the websence.com domain mail gateway. The ironport does something similar if you enable the bounce validation.Note that the envelope sender does ...
Our Email appliances don't seem to have the option of upgrading to anything later thna AsyncOS 7.6; seems we'll have to wait until 8.0 becomes stable before we can get the full policy quarantine centralisation.With two Mgmt appliances, they seem to ...
This is good to know (that the functionality is available in AsyncOS 7.6) however, our C360 devices run 7.1, and so it seems we're unable to do it until we find some way to upgrade -- and I think 7.6 is not supported by C360s.Thanks,Steve
This is true, but our issue is that we do not want to block RAR files per se, only the ones that contain executables. With ZIP files, they are deep-inspected and so content filters can test the file sytems held within the ZIP. With RAR, you can onl...
