Cisco Cisco Email Security Appliance X1070 User Guide
4-42
Cisco IronPort AsyncOS 7.6 for Email Daily Management Guide
OL-25138-01
Chapter 4 Quarantines
Working with Safelists and Blocklists
•
Access safelists and blocklists. Depending on authentication settings, end users may need to log
into their Cisco IronPort Spam Quarantine accounts. For more information, see
into their Cisco IronPort Spam Quarantine accounts. For more information, see
.
•
Add safelist entries. Users add safelist entries from the Options menu or the list of quarantined
messages in Cisco IronPort Spam Quarantine. For more information, see
messages in Cisco IronPort Spam Quarantine. For more information, see
.
•
Add blocklist entries. Users add blocklist entries from the Options menu of the Cisco IronPort
Spam Quarantine. For more information, see
Spam Quarantine. For more information, see
Accessing Safelists and Blocklists
To access safelists and blocklists, end users whose accounts are authenticated using LDAP or Mailbox
(IMAP/POP) authentication must log into their accounts on the Cisco IronPort Spam Quarantine. The
end user must log into their account even if they are accustomed to accessing their messages via a spam
notification (which usually doesn’t require authentication). If the end-user authentication is set to
NONE, end users do not need to log into their accounts to access safelist/blocklist settings.
(IMAP/POP) authentication must log into their accounts on the Cisco IronPort Spam Quarantine. The
end user must log into their account even if they are accustomed to accessing their messages via a spam
notification (which usually doesn’t require authentication). If the end-user authentication is set to
NONE, end users do not need to log into their accounts to access safelist/blocklist settings.
Syntax for Safelists and Blocklist Entries
Entries can be added to safelists and blocklists using the following formats:
•
user@domain.com
•
server.domain.com
•
domain.com
End users cannot add a sender or domain to both safe and block lists at the same time. However, if the
end user adds a domain to a safelist, and the email address for a user of that domain to the blocklist (or
vice versa), the Cisco IronPort appliance applies both rules. For example, if the end user adds
example.com to the safelist, and adds george@example.com to the blocklist, the Cisco IronPort appliance
delivers all mail from example.com without scanning for spam, but will treat mail from
george@example.com as spam.
end user adds a domain to a safelist, and the email address for a user of that domain to the blocklist (or
vice versa), the Cisco IronPort appliance applies both rules. For example, if the end user adds
example.com to the safelist, and adds george@example.com to the blocklist, the Cisco IronPort appliance
delivers all mail from example.com without scanning for spam, but will treat mail from
george@example.com as spam.
End users cannot allow or block a range of sub-domains using the following syntax: .domain.com.
However, an end user can explicitly block a specific domain using the following syntax:
server.domain.com.
However, an end user can explicitly block a specific domain using the following syntax:
server.domain.com.
Adding Entries to Safelists
End users can add senders to safelists in two ways:
Method 1
Step 1
From the IronPort Spam Quarantine, select the Options drop-down menu.