Just a FYI that Cisco released 7.5.2 of the Outlook Plugin software and if you have the default install done all of your end users will get a pop up telling them that a new version is available. The Download link just takes them to a Cisco software download page, the user needs to login with a Cisco ID, have a contract number to download the software.     Two complaints: What's new in this Version isn't used for what's new in this version, just talks about the same link the 'Download' button has. Most end users are not going to have a Cisco ID or a contract number to download the software. Resolution: Looks like this can be controlled with the  C:\ProgramData\Cisco\Cisco IronPort Email Security Plug-In\username\CommonCompnentsConfig.xml file and setting <checkForUpdates>     <checkAutomatically display="hidden">true</checkAutomatically>     <ignoredVersion>7.5.2</ignoredVersion>     <serverURL>http://updates.res.cisco.com</serverURL>   </checkForUpdates> checkAutomatically to a false value. ... View more

When configuring the IronPort 7.4 plug-in for Outlook for FLAG encryption, is it possible to supress the "Enter Password" Acknowledge or Cancel prompt?   I attached the prompt in the capture.png attachment below. ... View more

I cannot use FTP in my environment to login to the appliance and move the file. ... View more

When SafeLlist/Blocklist functionality will be added to the plug-in so that users do not have to login to their SPAM quarantine hosted on our M series? ... View more

Getting ready to upgrade my two appliances and I find that Async 9.5 and 9.6 are not FIPS compliant.   Can any details be shared or if a FIPS compliant version will be available soon? ... View more

We currently have 7500 internal users authorized to do e-mail encryption via our on-premise IronPort appliances and CRES.  All is working great except for responses from external recipients.   I have about 4000 users that do not want those e-mails encrypted, and want them delivered via a required TLS connection, mostly because they do not want to decrypt all of the e-mails.  Well, I also have about 3500 users who want the e-mails encrypted for security reasons.   My understanding is I can either setup CRES to deliver all e-mails to my organization encrypted or all e-mails to my organization via required TLS connection.   Still correct?   If so, how do I resolve the above problem?   My work around is I could possibly encrypt the e-mails after they arrive at my organization for the 3500 users, but this doesn't make much sense to me as they have already traversed the internet (albeit via a TLS connection) to get to me.   Thoughts? ... View more

We currently allow anonymous SMTP relay for our internal network and with HAT entries I'm wondering what SMTP authentication gains us?   Even with external servers relaying e-mail through our appliances via HAT entries and network access I'm still wondering what advantage I would gain by setting up SMTP authentication and requiring servers to login to relay e-mails.   Any thoughts? ... View more

Wanted to get the communities input on how to deal with e-mail providers like Office365.  I receive e-mail from a lot of shops that use Office365 as their e-mail provider and what I'm finding is a lot of Office365s servers have very poor reputations for SPAM.  Right now they have over 100 IP address that have a SBRS score of -3.0 or worse.   A poor Office365 tenant has no control over what server their e-mail comes from (or do they know what IP, other than .outlook.com) within the Office365 cloud and intermittently it will be sent from an IP that has a poor reputation.   Well, then my system, protected by IronPort filtering sees that poor SBRS reputation and says no way, so then the sender gets all upset and contacts the recipient (my customer) and the recipient doesn't know what to tell them, so they say, send it to GMAIL account, and more times than not it works.   Making it seem that the problem is on my end when in all reality it is on the senders end because they are hosted on an environment that has a poor reputation SMTP server.   To resolve the problem the best answer that I can come up with is to add .outlook.com to a policy that ignores SBRS scores, allowing ALL of them to connect to my appliances and send all kinds of garbage that most (if there is a definition for it) get filtered out before getting to my users mailboxes but at the expense of my environments resources.  But ultimately some gets through because its new and we report it to Cisco but this doesn't improve the volume of garbage that Office365 can send me, only the amount that I have to filter out from them.  Can't throttle the volume of e-mail down to a helpful level accepted from Office365 as we already have a high volume of legitimate e-mail coming from it.   Anyway, wanted to get the communities input on this, is there a better answer, and how this is going to work moving forward with more and more organizations moving to cloud providers where they have a large number of organizations hosted on one environment.   Jason     ... View more

My C670 ESA's have been throwing these alerts intermittently for the past few days, anyone else seeing them?   The Warning message is:   Unable to connect to Cisco Web Security Service. URL Filtering will not work correctly. Please verify all network, proxy and firewall settings. Connection to "v2.sds.cisco.com" failed. The last error seen on this connection: "Request failed with code: 28 (Connection time-out)"   Version: 8.5.6-092   Looks like it is open on port 443 and currently up.  Hitting it with a browser gives me:   https://v2.sds.cisco.com/   After an error or two they go away and appear OK.      Checking the logs I don't see a way to verify URL lookups are working, is there a way?   Also, I setup URL filtering six months ago and had it set to only trigger on (-10)-(-9.5) and saw about an 80% false positive.  It has improved over the past six months drastically but still catching mostly advertising URLs and allowing all phishing URLs right through.  I've yet to see it block a phishing URL.   Jason     ... View more

  Is it possible to modify the BCE_Config.xml file so that the plug-in will use "Use system proxy settings"   I'm guessing it is in this section:   Name of proxy configuration, specifed in the <proxies> section,         to use when communicating with key server.         -->         <proxy></proxy>     </keyserver>     <!--     Proxy configurations. This feature is not supported on Android, or iOS.     -->     <proxies>         <!-- The value of the name attribute should be used in the keyserver proxy tag above to use a proxy. -->         <proxy name="name">             <!--             Proxy implementation class to use. Supported values are                 Web                 SOCKS4                 SOCKS4a                 SOCKS5             -->             <type></type>   But I don't know what to specify for "Use System Proxy Settings".   ... View more