Cisco Cisco Content Security Management Appliance M1070 Mode D'Emploi
7-14
AsyncOS 8.1 for Cisco Content Security Management User Guide
Chapter 7 Managing the Cisco IronPort Spam Quarantine
The appliance displays a list of backup files that are stored in the
/configuration
directory.
Step 5
Select the Safelist/Blocklist backup file that you want to restore, and click Restore.
Troubleshooting Safelists and Blocklists
End users maintain their own safelists and blocklists. Administrators can access an end user’s safelist or
blocklist by logging in to the end user account with the user’s login and password. Alternatively, an
administrator can download a backup version of the safelist/blocklist database to edit individual users’
lists.
blocklist by logging in to the end user account with the user’s login and password. Alternatively, an
administrator can download a backup version of the safelist/blocklist database to edit individual users’
lists.
To troubleshoot issues with safelists and blocklists, you can view the log files or system alerts.
When an email message is blocked due to safelist/blocklist settings, the action is logged in the ISQ_logs
or the anti-spam log files.
or the anti-spam log files.
Alerts are sent out when the database is created and updated, or if there are errors in modifying the
database or running the safelist/blocklist processes.
database or running the safelist/blocklist processes.
For more information about alerts, see
For more information about log files, see
.
Using End User Safelists and Blocklists
End users can create safelists to ensure that messages from specified senders are never treated as spam,
and they can use blocklists to ensure that messages from specified senders are always treated as spam.
For example, an end user might receive unwanted email from a mailing list. The user can add this sender
to the user’s blocklist to prevent email messages from the sender from being delivered. On the other
hand, an end user might find that email messages from a legitimate sender are sent to the Cisco IronPort
Spam Quarantine, but those email messages should not be treated as spam. To prevent mail from that
sender from being quarantined, the user can add the sender to the user’s safelist.
and they can use blocklists to ensure that messages from specified senders are always treated as spam.
For example, an end user might receive unwanted email from a mailing list. The user can add this sender
to the user’s blocklist to prevent email messages from the sender from being delivered. On the other
hand, an end user might find that email messages from a legitimate sender are sent to the Cisco IronPort
Spam Quarantine, but those email messages should not be treated as spam. To prevent mail from that
sender from being quarantined, the user can add the sender to the user’s safelist.
Note
Safelist/blocklist settings are contingent on other settings configured by the system administrator. For
example, a safelisted message may not be delivered if it is determined to be virus positive, or if the
administrator determines that the content does not conform to company email policies.
example, a safelisted message may not be delivered if it is determined to be virus positive, or if the
administrator determines that the content does not conform to company email policies.
Accessing Safelists and Blocklists
To access safelists and blocklists, end users whose accounts are authenticated using LDAP or mailbox
authentication (IMAP or POP) must log in to their accounts on the Cisco IronPort Spam Quarantine. The
end users must log in to their accounts even if they are accustomed to accessing messages through a spam
notification (which typically does not require LDAP or mailbox authentication). If the end user
authentication is set to None, end users do not need to log in to their accounts to access safelist/blocklist
settings.
authentication (IMAP or POP) must log in to their accounts on the Cisco IronPort Spam Quarantine. The
end users must log in to their accounts even if they are accustomed to accessing messages through a spam
notification (which typically does not require LDAP or mailbox authentication). If the end user
authentication is set to None, end users do not need to log in to their accounts to access safelist/blocklist
settings.