Cisco Cisco Email Security Appliance C160 Guía Del Usuario

The host at $ip has been added to the blacklist because of an 
SSH DOS attack.

The host at $ip has been permanently added to the ssh 
whitelist. 

The host at $ip has been removed from the blacklist 

’ip’ - IP address from which 
a login attempt occurred. 

Warning. 

IP addresses that try to connect to the appliance over SSH but 
do not provide valid credentials are added to the SSH blacklist 
if more than 10 failed attempts occur within two minutes. 

When a user logs in successfully from the same IP address, 
that IP address is added to the whitelist. 

Addresses on the whitelist are allowed access even if they are 
also on the blacklist. 

Entries are automatically removed from the blacklist after 
about a day. 

LDAP: Failed group query $name, comparison in filter will 
evaluate as false

’name’ - The name of the 
query.

Critical. Sent when an LDAP group query fails.

LDAP: work queue processing error in $name reason $why

’name’ - The name of the 
query.

’why’ - Why the error 
happened.

Critical. Sent when an LDAP query fails completely (after 
trying all servers).

Critical. Various logging errors.

MID $mid matched the $rule_name rule. \n Details: $details

‘mid’ - Unique 
identification number of the 
message.

‘rule_name’ - The name of 
the rule that matched.

‘details’ - More information 
about the message or the 
rule.

Information. Sent every time when a Header Repeats rule 
evaluates to 

true

.

LDAP group query failure during per-recipient scanning, 
possible LDAP misconfiguration or unreachable server.

Critical. Sent when an LDAP group query fails during 
per-recipient scanning.

Critical. Various mail queue hard errors.