Cisco Cisco Email Security Appliance C650 Guía Del Usuario
13-3
Cisco AsyncOS 8.0 for Email User Guide
Chapter 13 Anti-Spam
IronPort Anti-Spam Filtering
IronPort Anti-Spam Filtering
Evaluation Key
Your Cisco IronPort appliance ships with a 30-day evaluation key for the Cisco IronPort Anti-Spam
software. This key is not enabled until you accept the license agreement in the system setup wizard or
Security Services > IronPort Anti-Spam pages (in the GUI) or the
software. This key is not enabled until you accept the license agreement in the system setup wizard or
Security Services > IronPort Anti-Spam pages (in the GUI) or the
systemsetup
or
antispamconfig
commands (in the CLI). Once you have accepted the agreement, Cisco IronPort Anti-Spam will be
enabled, by default, for the default incoming Mail Policy. An alert is also sent to the administrator
address you configured (see the System Setup Wizard,
enabled, by default, for the default incoming Mail Policy. An alert is also sent to the administrator
address you configured (see the System Setup Wizard,
) noting that the Cisco
IronPort Anti-Spam license will expire in 30 days. Alerts are sent 30, 15, 5, and 0 days prior to
expiration. For information on enabling the feature beyond the 30-day evaluation period, contact your
Cisco IronPort sales representative. You can see how much time remains on the evaluation via the System
Administration > Feature Keys page or by issuing the
expiration. For information on enabling the feature beyond the 30-day evaluation period, contact your
Cisco IronPort sales representative. You can see how much time remains on the evaluation via the System
Administration > Feature Keys page or by issuing the
featurekey
command. (For more information, see
Cisco IronPort Anti-Spam: an Overview
IronPort Anti-Spam addresses a full range of known threats including spam, phishing and zombie
attacks, as well as hard-to-detect low volume, short-lived email threats such as “419” scams. In addition,
IronPort Anti-Spam identifies new and evolving blended threats such as spam attacks distributing
malicious content through a download URL or an executable.
attacks, as well as hard-to-detect low volume, short-lived email threats such as “419” scams. In addition,
IronPort Anti-Spam identifies new and evolving blended threats such as spam attacks distributing
malicious content through a download URL or an executable.
Step 6
(Recommended) Enable SenderBase Reputation Service
scoring for each inbound mail flow policy, even if you
are not rejecting connections based on SenderBase
Reputation Scores.
scoring for each inbound mail flow policy, even if you
are not rejecting connections based on SenderBase
Reputation Scores.
For each inbound mail flow policy, ensure that “Use
SenderBase for Flow Control” is On.
SenderBase for Flow Control” is On.
See
Step 7
If your Email Security appliance does not connect
directly to external senders to receive incoming mail, but
instead receives messages relayed through a mail
exchange, mail transfer agent, or other machine on your
network, ensure that relayed incoming messages include
the original sender IP address,
directly to external senders to receive incoming mail, but
instead receives messages relayed through a mail
exchange, mail transfer agent, or other machine on your
network, ensure that relayed incoming messages include
the original sender IP address,
Step 8
Prevent alert and other messages generated by your
appliance from being incorrectly identified as spam.
appliance from being incorrectly identified as spam.
Step 9
Test your configuration.
Step 10
(Optional) Configure settings for service updates
(including anti-spam rules.)
(including anti-spam rules.)
Scanning rules for both anti-spam solutions are retrieved
by default from the Cisco IronPort update servers.
by default from the Cisco IronPort update servers.
•
•
•
Do This
More Info