Cisco Email Security Appliance C170 User Guide
Cisco AsyncOS 9.0 for Email User Guide
Chapter 35 SenderBase Network Participation
Frequently Asked Questions
Table 35-1 Statistics Shared Per Cisco Appliance (continued)

| Item | Sample Data |
| --- | --- |
| Count of Outbreak quarantine messages broken down by what action was taken upon leaving quarantine | 10 messages had attachments stripped after leaving quarantine |
| Sum of time messages were held in quarantine | 20 hours |

Table 35-2 Statistics Shared Per IP Address

| Item | Sample Data |
| --- | --- |
| Message count at various stages within the appliance | Seen by Anti-Virus engine: 100; Seen by Anti-Spam engine: 80 |
| Sum of Anti-Spam and Anti-Virus scores and verdicts | 2,000 (sum of anti-spam scores for all messages seen) |
| Number of messages hitting different Anti-Spam and Anti-Virus rule combinations | 100 messages hit rules A and B; 50 messages hit rule A only |
| Number of Connections | 20 SMTP Connections |
| Number of Total and Invalid Recipients | 50 total recipients; 10 invalid recipients |
| Hashed Filename(s): (a) | A file <one-way-hash>.pif was found inside an archive attachment called <one-way-hash>.zip. |
| Obfuscated Filename(s): (b) | A file aaaaaaa0.aaa.pif was found inside a file aaaaaaa.zip. |
| URL Hostname (c) | There was a link found inside a message to www.domain.com |
| Obfuscated URL Path (d) | There was a link found inside a message to hostname www.domain.com, and had path aaa000aa/aa00aaa. |
| Number of Messages by Spam and Virus Scanning Results | 10 Spam Positive; 10 Spam Negative; 5 Spam Suspect; 4 Virus Positive; 16 Virus Negative; 5 Virus Unscannable |
| Number of messages by different Anti-Spam and Anti-Virus verdicts | 500 spam, 300 ham |
| Count of Messages in Size Ranges | 125 in 30K-35K range |
| Count of different extension types | 300 “.exe” attachments |