Cisco Cisco Content Security Management Appliance M160 Guía Del Usuario
7-11
Cisco IronPort AsyncOS 8.0 for Security Management User Guide
Chapter 7 Managing the Cisco IronPort Spam Quarantine
Configuring and Managing the End User Safelist/Blocklist Feature
You can allow end users to create safelists and blocklists to better control which email messages are
treated as spam. Safelists allow a user to ensure that mail from specified users and domains is never
treated as spam. Blocklists ensure that mail from other users and domains is always treated as spam.
When you enable the safelist/blocklist feature, each end user can maintain a safelist and blocklist for his
or her email account.
treated as spam. Safelists allow a user to ensure that mail from specified users and domains is never
treated as spam. Blocklists ensure that mail from other users and domains is always treated as spam.
When you enable the safelist/blocklist feature, each end user can maintain a safelist and blocklist for his
or her email account.
Note
A safelist or blocklist setting does not prevent the Email Security appliance from scanning a message for
viruses or determining if the message meets the criteria for a content-related mail policy. If a message
is sent from a safelist member, it might not be delivered to the end user depending on other scanning
settings.
viruses or determining if the message meets the criteria for a content-related mail policy. If a message
is sent from a safelist member, it might not be delivered to the end user depending on other scanning
settings.
When a user adds an entry to a safelist or blocklist, the entry is stored in a database on the Security
Management appliance and periodically updated and synchronized on all related Email Security
appliances. For information about synchronization, see
Management appliance and periodically updated and synchronized on all related Email Security
appliances. For information about synchronization, see
. For information on backing up the database, see
The safelists and blocklists are created and maintained by end users. However, an administrator enables
the feature and configures delivery settings for email messages that match entries in the blocklist.
Because the safelists and blocklists are related to the Cisco IronPort Spam Quarantine, delivery behavior
is also contingent on other anti-spam settings. A message might skip anti-spam scanning based on the
processing that occurs before the message reaches the Email Security Manager in the email pipeline. For
more information about message processing, see “Understanding the Email Pipeline” in the Cisco
IronPort AsyncOS for Email Security Configuration Guide.
the feature and configures delivery settings for email messages that match entries in the blocklist.
Because the safelists and blocklists are related to the Cisco IronPort Spam Quarantine, delivery behavior
is also contingent on other anti-spam settings. A message might skip anti-spam scanning based on the
processing that occurs before the message reaches the Email Security Manager in the email pipeline. For
more information about message processing, see “Understanding the Email Pipeline” in the Cisco
IronPort AsyncOS for Email Security Configuration Guide.
For example, if you configure the “Accept” mail flow policy in the HAT to skip anti-spam scanning, then
users who receive mail on that listener will not have their safelist and blocklist settings applied to mail
received on that listener. Similarly, if you create a mailflow policy that skips anti-spam scanning for
certain message recipients, these recipients will not have their safelist and blocklist settings applied.
users who receive mail on that listener will not have their safelist and blocklist settings applied to mail
received on that listener. Similarly, if you create a mailflow policy that skips anti-spam scanning for
certain message recipients, these recipients will not have their safelist and blocklist settings applied.
For more information about delivery of safelist/blocklist messages, see
.
Enabling and Configuring Safelist/Blocklists on the Security Management Appliance
Before you can enable the safelist/blocklist feature, you must enable the Cisco IronPort Spam
Quarantine on the appliance. For more information about enabling the Cisco IronPort Spam Quarantine,
see
Quarantine on the appliance. For more information about enabling the Cisco IronPort Spam Quarantine,
see
.
Procedure
Step 1
On the Security Management appliance, choose Management Appliance > Centralized Services >
Spam Quarantine.
Spam Quarantine.
Step 2
Click Enable in the End-User Safelist/Blocklist section.
Step 3
Click Edit Settings in the End-User Safelist/Blocklist section.
Step 4
Verify that the Enable End User Safelist/Blocklist Feature check box is checked.
Step 5
Specify the maximum number of list items per user. This value is the maximum number of addresses and
domains that a user can include in each safelist and blocklist. The default is 100.
domains that a user can include in each safelist and blocklist. The default is 100.