Cisco Cisco Email Security Appliance C170
6
Release Notes for Cisco IronPort AsyncOS 7.6.3 for Email
7.6.3
What’s New
See the “Email Authentication” chapter in the Cisco IronPort AsyncOS Advanced Configuration Guide
for more information.
for more information.
Enhancement: Skip DKIM Signing Action
In AsyncOS 7.6, content filters now include an action to skip DKIM signing. See the “Email Security
Manager” chapter in the Cisco IronPort AsyncOS for Email Configuration Guide for more information.
Manager” chapter in the Cisco IronPort AsyncOS for Email Configuration Guide for more information.
Enhancement: Rate Limiting and Enforced TLS for Envelope Senders in Mail Flow Policies
AsyncOS 7.6 updates Mail Flow Policies with the option to limit number of recipients during a specified
time period that a listener will receive from a unique envelope sender, based on the mail-from address.
Each listener tracks its own rate limiting threshold; however, because all listeners validate against a
single counter, it is more likely that the rate limit will be exceeded if messages from the same mail-from
address are received by multiple listeners.
time period that a listener will receive from a unique envelope sender, based on the mail-from address.
Each listener tracks its own rate limiting threshold; however, because all listeners validate against a
single counter, it is more likely that the rate limit will be exceeded if messages from the same mail-from
address are received by multiple listeners.
You can also make TLS connections mandatory for envelope senders from a certain domain or with a
specific email address when the mail flow policy has a setting of Preferred for encryption over TLS.
specific email address when the mail flow policy has a setting of Preferred for encryption over TLS.
You specify the domains and email addresses for these envelope senders using an address list.
AsyncOS also adds a Rate Limiting report that allows you to quickly identify individual senders of large
numbers of messages. Use this report to help you to control spam from internal user accounts, identify
compromised user accounts, limit out-of-control applications that use email, and avoid damaging your
organization’s online reputation and the attendant hassles resulting from this situation.
numbers of messages. Use this report to help you to control spam from internal user accounts, identify
compromised user accounts, limit out-of-control applications that use email, and avoid damaging your
organization’s online reputation and the attendant hassles resulting from this situation.
See the “Using Email Security Monitor” chapter in the Cisco IronPort AsyncOS for Email Daily
Management Guide for more information.
Management Guide for more information.
Enhancement: Separate Update Servers for AsyncOS Upgrades and Other Service Updates
AsyncOS 7.6 allows you to specify a different update server for AsyncOS upgrades than the one used
for other service updates, such as feature key updates, outbreak filters, and time zone rules. For example,
you can specify a local server for downloading AsyncOS upgrades while using the Cisco IronPort update
servers for the other service updates.
for other service updates, such as feature key updates, outbreak filters, and time zone rules. For example,
you can specify a local server for downloading AsyncOS upgrades while using the Cisco IronPort update
servers for the other service updates.
See the “System Administration” chapter in the Cisco IronPort AsyncOS for Email Configuration Guide
for more information.
for more information.
Enhancement: Message Size for Encryption
Starting in AsyncOS 7.6, the Email Security appliance can encrypt messages up to 10 MB in size. If the
appliance attempts to encrypt a message larger than 10 MB, it will be send the message back to the
sender.
appliance attempts to encrypt a message larger than 10 MB, it will be send the message back to the
sender.
Enhanced: Web User Interface Protection
AsyncOS 7.6 for Email includes additional protection from cross-site request forgeries (CSRF) and other
attacks on the web user interface.
attacks on the web user interface.