Cisco Cisco Email Security Appliance X1070 Guía Del Usuario
28-8
Cisco AsyncOS 9.5 for Email User Guide
Chapter 28 Using Email Security Monitor
Email Security Monitor Pages
Categorizing Email
Messages reported in the Overview and Incoming Mail pages are categorized as follows:
•
Stopped by Reputation Filtering: All connections blocked by HAT policies multiplied by a fixed
multiplier (see
multiplier (see
) plus all
recipients blocked by recipient throttling.
•
Invalid Recipients: All recipients rejected by conversational LDAP rejection plus all RAT
rejections.
rejections.
•
Spam Messages Detected: The total count of messages detected by the anti-spam scanning engine
as positive or suspect and also those that were both spam and virus positive.
as positive or suspect and also those that were both spam and virus positive.
•
Virus Messages Detected: The total count and percentage of messages detected as virus positive
and not also spam.
and not also spam.
Note
If you have configured your anti-virus settings to deliver unscannable or encrypted
messages, these messages will be counted as clean messages and not virus positive.
Otherwise, the messages are counted as virus positive.
messages, these messages will be counted as clean messages and not virus positive.
Otherwise, the messages are counted as virus positive.
•
Detected by Advanced Malware Protection: A message attachment was found to be malicious by
file reputation filtering. This value does not include verdict updates or files found to be malicious
by file analysis.
file reputation filtering. This value does not include verdict updates or files found to be malicious
by file analysis.
•
Messages with Malicious URLs: One or more URLs in the message were found to be malicious by
URL filtering.
URL filtering.
•
Stopped by Content Filter: The total count of messages that were stopped by a content filter.
•
Stopped by DMARC: The total count of messages that were stopped after DMARC verification.
•
S/MIME Verification/Decryption Failed: The total count of messages that failed S/MIME
verification, decryption, or both.
verification, decryption, or both.
•
S/MIME Verification/Decryption Successful: The total count of messages that were successfully
verified, decrypted, or decrypted and verified using S/MIME.
verified, decrypted, or decrypted and verified using S/MIME.
•
Clean Messages: Mail that is accepted and is deemed to be virus and spam free — the most accurate
representation of clean messages accepted when taking per-recipient scanning actions (such as
splintered messages being processed by separate mail policies) into account. However, because
messages that are marked as spam or virus positive and still delivered are not counted, the actual
number of messages delivered may differ from the clean message count.
representation of clean messages accepted when taking per-recipient scanning actions (such as
splintered messages being processed by separate mail policies) into account. However, because
messages that are marked as spam or virus positive and still delivered are not counted, the actual
number of messages delivered may differ from the clean message count.
•
Graymail Messages
–
Marketing Messages: The total count of advertising messages sent by professional marketing
groups, for example Amazon.com.
groups, for example Amazon.com.
–
Social Networking Messages: The total count of notification messages from social networks,
dating websites, forums, and so on. Examples include LinkedIn and CNET forums.
dating websites, forums, and so on. Examples include LinkedIn and CNET forums.
–
Bulk Messages: The total count of advertising messages sent by unrecognized marketing
groups, for example, TechTarget, a technology media company.
groups, for example, TechTarget, a technology media company.
Click on the number corresponding to any of the above mentioned graymail categories to view a list
of messages belonging to that category using Message Tracking.
of messages belonging to that category using Message Tracking.