Cisco Cisco Email Security Appliance C650 Guía Del Usuario
C H A P T E R
3-1
Cisco IronPort AsyncOS 7.6 for Email Daily Management Guide
OL-25138-01
3
Tracking Email Messages
This chapter contains the following sections:
•
•
•
•
•
Tracking Service Overview
The message tracking service makes it easy to find the status of messages processed by AsyncOS, and
you can quickly resolve help desk calls by determining the exact location of a message. You can use
message tracking to determine if a particular message was delivered, found to contain a virus, or placed
in a spam quarantine — or if it is located somewhere else in the mail stream.
you can quickly resolve help desk calls by determining the exact location of a message. You can use
message tracking to determine if a particular message was delivered, found to contain a virus, or placed
in a spam quarantine — or if it is located somewhere else in the mail stream.
You can enable message tracking on your local Cisco IronPort Email Security appliance, or you can
enable centralized tracking on an M-Series appliance to track messages for multiple email security
appliances. For instructions on enabling centralized tracking, see the Cisco IronPort AsyncOS for
Security Management User Guide . For instructions for enabling local tracking, see
enable centralized tracking on an M-Series appliance to track messages for multiple email security
appliances. For instructions on enabling centralized tracking, see the Cisco IronPort AsyncOS for
Security Management User Guide . For instructions for enabling local tracking, see
.
Instead of having to search through log files using “grep” or similar tools, you can use the flexible
tracking interface to locate messages. You can use a variety of search parameters in combination.
tracking interface to locate messages. You can use a variety of search parameters in combination.
Tracking queries can include:
•
Envelope information: Find messages from particular envelope senders or recipients by entering
the text strings to match.
the text strings to match.
•
Subject header: Match a text string in the subject line. Warning: Do not use this type of search in
environments where regulations prohibit such tracking.
environments where regulations prohibit such tracking.
•
Time frame: Find a message that was sent between specified dates and times.
•
Sender IP address or rejected connections: Search for messages from a particular IP address, or
show rejected connections in the search results.
show rejected connections in the search results.
•
Event Information: Find messages that match specified events, such as messages flagged as virus
positive, spam positive, or suspected spam, and messages that were delivered, hard bounced, soft
bounced, or sent to the Virus Outbreak Quarantine.
positive, spam positive, or suspected spam, and messages that were delivered, hard bounced, soft
bounced, or sent to the Virus Outbreak Quarantine.