Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for
- Cisco Community
- :
- About The-Messenger
Stats
Member since
11-29-2010
48
Posts
1
Helpful
0
Solutions
05-03-2016
07:46 AM
What is the best method to allow exceptions to bounce verification?
... View more
Labels:
03-31-2016
11:29 AM
We've enabled URL filtering, working great, but I want to log more information for the exceptions that I know are coming. I'm not getting the results I expect with my Add log entry action.
My action step is:
log-entry("$MatchedContent triggered $FilterName")
All I'm getting with that log entry is: Message 455 Custom Log Entry: triggered Mailicious_URL Message 255 dropped by content filter 'Mailicious_URL' in the inbound table.
I want to see the URL that is getting caught but the $matchedcontent variable is not pulling it.
What do I need to log the URL that is getting caught?
... View more
- Tags:
- URL filtering
Labels:
03-22-2016
02:00 PM
I have a similar or the same issue. After implementing a disclaimer (footer) on incoming messages some invites were scrambled, those sent from gmail.com and some others.
Removing the disclaimer resolved the issue.
If I do set Disclaimers to "Y, the system should try to re-encode the message body", will this open up other possible formatting issues?
What is the disadvantage to the Yes setting?
... View more
07-27-2015
05:37 AM
Thanks for the help – much helpful. I currently setup my rule to go to the spam quarantine by inserting a header with "X-Ironport-Quarantine", "Quarantine". This works fine, the same rule also notifies the recipient and has a link to the login for our spam quarantine. My problem using the spam quarantine is that it’s confusing to users, they will think they have the same functionality with emails containing zip files as they do spam – for example they’ll think they can release and white-list an email with a zip file. Also, I want to more emphasis on the risk with emails and zip file attachments, separating them from general spam would help that. What I have works, I was hoping that I had missed something and that it would be possible to link to a quarantine, other than spam, to separate these files.
... View more
Created by
The-Messenger
in Email Security
in Email Security
07-26-2015
07:33 AM
07-26-2015
07:33 AM
I would like to send emails with compressed file attachments to a quarantine, not spam quarantine, then notify the recipient that an email has been quarantined. Can I create a text resource, include a link to a quarantine - one that is NOT the spam quarantine? Is there any way for a user to access a quarantine, other than the spam quarantine, and release a message? thanks!
... View more
Labels:
Created by
The-Messenger
in Email Security
in Email Security
07-26-2015
07:24 AM
07-26-2015
07:24 AM
I see messages in tracking with lines like this encountered CASE down (1/10). Retry scanning in 12 seconds What does encountered CASE down mean? Next question - can I determine what specific text in a message caused it to be caught by a filter or rule? Thanks!
... View more
Labels:
Created by
The-Messenger
in Email Security
in Email Security
06-21-2013
01:49 PM
06-21-2013
01:49 PM
Is there a log on the ironport system that will report the affending word in an email caught in the profanity filter?
... View more
Labels:
05-17-2013
05:33 AM
I'm not sure how to ask my question this. I have filters that I've created in the cli, these are device filters. I have filters that I've created in the web interface, these are cluster configurations. I want to have a white list that will apply to the filters I've created in the CLI. How do I white list cli/device filters?
... View more
Labels:
Created by
The-Messenger
in Email Security
in Email Security
05-13-2013
05:22 AM
05-13-2013
05:22 AM
So, what am I doing wrong here? To create this filter in the web interface I create new filter, select Add Condition, Message Body and past "(?i)(?:http?|https?)://[^\\s\"]+viewform", the system adds quotes and \, to be this; only-body-contains("\"(?i)(?:http?|https?)://[^\\\\s\\\"]+viewform\"", 1). The filter does not drop links with viewform in them.
... View more
Created by
The-Messenger
in Email Security
in Email Security
05-13-2013
05:01 AM
05-13-2013
05:01 AM
This is what I thought to be true. The reason the filter is in the cli is that I wasn't able to get it to work in the GUI. I'm going to look at that again now.
... View more
Created by
The-Messenger
in Email Security
in Email Security
05-09-2013
07:16 AM
05-09-2013
07:16 AM
I've found that my issue is that from the CLI I'm configuring a specific device, from the gui where my whitelist sits, I'm configuring the cluster. In this case I don't see how to do a whitelist in the cli for a device and I've been unable to successfully create this flter in the gui for the cluster. The version of AsyncOS is 7.6.2-014 Here is one of the cli/device filters: Form-phishing: if body-contains("(?i)(?:http?|https?)://[^\\s\"]+viewform", 1) { notify-copy (" admin@co.com ", "Ironport Phishing-Viewform"); drop(); }
... View more
05-08-2013
05:49 AM
Working with an Ironport C360 device. I have some content filters that I've created from the cli login and some that I've created from the web interface. These seem to be completely seperate from a mail flow view. I can't see cli created filters in the web interface and the whitelist feature in the web interface ignores the filtes created in the cli. How can I either include the cli filters in the whitelist configuration or set a whitelist for filters created in the cli? Thanks in advance.
... View more
Labels:
10-08-2012
01:48 PM
I didn't know Cisco offered hosted services for continuity and archiving.
... View more
10-08-2012
12:36 PM
Anyone know of an email security/continuity/archiving hosting service that uses Ironport?
... View more
Labels:
Created by
The-Messenger
in Email Security
in Email Security
09-04-2012
01:15 PM
09-04-2012
01:15 PM
Thank you that is good information and it's more than what I had. But all I get for this message isstill just Rejected by Receiving Control. I was hoping I cold find which receiving control, something more specific.
... View more
03-31-2016
We've enabled URL filtering, working great, but I want to log more
information for the exceptions th...
03-22-2016
I have a similar or the same issue. After implementing a disclaimer
(footer) on incoming messages so...
07-27-2015
Thanks for the help – much helpful. I currently setup my rule to go to
the spam quarantine by insert...
07-26-2015
I would like to send emails with compressed file attachments to a
quarantine, not spam quarantine, t...
07-26-2015
I see messages in tracking with lines like thisencountered CASE down
(1/10). Retry scanning in 12 se...
06-21-2013
Is there a log on the ironport system that will report the affending
word in an email caught in the ...
05-17-2013
I'm not sure how to ask my question this. I have filters that I've
created in the cli, these are dev...
05-13-2013
So, what am I doing wrong here?To create this filter in the web
interface I create new filter, selec...
05-13-2013
This is what I thought to be true. The reason the filter is in the cli
is that I wasn't able to get ...
05-09-2013
I've found that my issue is that from the CLI I'm configuring a specific
device, from the gui where ...
05-08-2013
Working with an Ironport C360 device. I have some content filters that
I've created from the cli log...
10-08-2012
Anyone know of an email security/continuity/archiving hosting service
that uses Ironport?
Created by
The-Messenger
in Email Security
09-04-2012
09-04-2012
Thank you that is good information and it's more than what I had. But
all I get for this message iss...
Public Statistics
| Date Registered | 11-29-2010 08:58 AM |
| Date Last Visited | 08-18-2017 04:03 AM |
| Total Messages Posted | 48 |
| Total Helpful Votes Received | 1 |
