User Guide

ManualsBrandsCisco Manualsantivirus security softwareCisco Email Security Appliance C680

331

332

333

334

335

336

337

338

339

340

13-3

AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide

Chapter 13 Anti-Spam

IronPort Anti-Spam Filtering

Related Topics

• Evaluation Key, page 13-3

• Cisco Anti-Spam: an Overview, page 13-4

• Configuring IronPort Anti-Spam Scanning, page 13-5

Evaluation Key

Your Cisco appliance ships with a 30-day evaluation key for the Cisco Anti-Spam software. This key is

not enabled until you accept the license agreement in the system setup wizard or Security Services >

IronPort Anti-Spam pages (in the GUI) or the

systemsetup or antispamconfig commands (in the CLI).

Once you have accepted the agreement, Cisco Anti-Spam will be enabled, by default, for the default

incoming Mail Policy. An alert is also sent to the administrator address you configured (see the System

Setup Wizard, Step 2: System, page 3-17) noting that the Cisco Anti-Spam license will expire in 30 days.

Alerts are sent 30, 15, 5, and 0 days prior to expiration. For information on enabling the feature beyond

the 30-day evaluation period, contact your Cisco sales representative. You can see how much time

remains on the evaluation via the System Administration > Feature Keys page or by issuing the

featurekey command. (For more information, see Feature Keys, page 33-5.)

Step 6

(Recommended) Enable SenderBase Reputation Service

scoring for each inbound mail flow policy, even if you

are not rejecting connections based on SenderBase

Reputation Scores.

For each inbound mail flow policy, ensure that “Use

SenderBase for Flow Control” is On.

See Defining Rules for Incoming Messages Using a Mail

Flow Policy, page 7-15.

Step 7

If your Email Security appliance does not connect

directly to external senders to receive incoming mail, but

instead receives messages relayed through a mail

exchange, mail transfer agent, or other machine on your

network, ensure that relayed incoming messages include

the original sender IP address.

Determining Sender IP Address In Deployments with

Incoming Relays, page 13-15

Step 8

Prevent alert and other messages generated by your

appliance from being incorrectly identified as spam.

Protecting Appliance-Generated Messages From the Spam

Filter, page 13-14

Step 9

(Optional) Enable URL filtering to strengthen protection

against malicious URLs in messages.

Enable URL Filtering, page 15-2

Step 10

Test your configuration. Testing Anti-Spam, page 13-24

Step 11

(Optional) Configure settings for service updates

(including anti-spam rules.)

Scanning rules for both anti-spam solutions are retrieved

by default from the Cisco update servers.

• Service Updates, page 33-17

• UpdatesThrough a Proxy Server, page 33-21

• Configuring Server Settings for Downloading

Upgrades and Updates, page 33-21

Do This More Info