Cisco Cisco Email Security Appliance C160 Mode D'Emploi

Graymail Detection and 
Safe Unsubscribing

The Email Security appliance allows you to:

Identify graymail using the integrated graymail engine and apply 
appropriate policy controls.

Provide a secure and easy mechanism for end users to 
unsubscribe from unwanted graymail using cloud-based 
Unsubscribe Service.

You can monitor the detected graymail using the following reports:

Overview page > Incoming Mail Summary

Incoming Mail page > Top Senders by Graymail Messages

Incoming Mail page > Incoming Mail Details

Incoming Mail page > Incoming Mail Details > Sender Profile 
(drill down view)

Internal Users page > Top Users by Graymail 

Internal Users page > User Mail Flow Details

Internal Users page > User Mail Flow Details > Internal User 
(drill down view)

If you have enabled service updates, scanning rules for the graymail 
management solution are automatically retrieved from the Cisco 
update servers.

See 

Web Interaction Tracking

The web interaction tracking feature provides information about the end 
users who clicked on rewritten (policy or Outbreak Filter) URLs and the 
action associated with each user click.

Once you enable this feature, you can use the Web Interaction Tracking 
report to view information such as top malicious URLs clicked, top users 
who clicked on malicious URLs, and so on.

See 

.

Support for On-Premises 
File Analysis 

If you have deployed a Cisco AMP Threat Grid appliance on your 
network, you can analyze message attachments for malware without 
sending them to the cloud. 

To configure an on-premises file analysis server, see