Cisco Cisco Email Security Appliance C160 Mode D'Emploi
13-27
User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 13 Anti-Spam
Monitoring Rules Updates
Incoming Relays and Logging
In the following log example, the SenderBase Reputation score for the sender is reported initially on
line 1. Later, once the Incoming Relay is processed, the correct SenderBase Reputation score is reported
on line 5.
line 1. Later, once the Incoming Relay is processed, the correct SenderBase Reputation score is reported
on line 5.
Incoming Relays and Mail Logs
The following example shows a typical log entry containing Incoming Relay information:
Configuring Logs to Specify Which Headers Are Used
Your Cisco appliance only examines the headers that were present when the message was received. So,
additional headers added locally (such as Microsoft Exchange headers, etc.) or when the message is
received by the Cisco appliance are not processed. One way to help determine which headers are used is
to configure AsyncOS logging to include the headers you use.
additional headers added locally (such as Microsoft Exchange headers, etc.) or when the message is
received by the Cisco appliance are not processed. One way to help determine which headers are used is
to configure AsyncOS logging to include the headers you use.
To configure logging settings for headers, see
.
Monitoring Rules Updates
Once you have accepted the license agreement, you can view the most recent Cisco Anti-Spam and Cisco
Intelligent Multi-Scan rules updates.
Intelligent Multi-Scan rules updates.
1
Fri Apr 28 17:07:29 2006 Info: ICID 210158 ACCEPT SG UNKNOWNLIST match
nx.domain SBRS rfc1918
nx.domain SBRS rfc1918
2
Fri Apr 28 17:07:29 2006 Info: Start MID 201434 ICID 210158
3
Fri Apr 28 17:07:29 2006 Info: MID 201434 ICID 210158 From: <joe@sender.com>
4
Fri Apr 28 17:07:29 2006 Info: MID 201434 ICID 210158 RID 0 To: <mary@example.com>
5
Fri Apr 28 17:07:29 2006 Info: MID 201434 IncomingRelay(senderdotcom): Header
Received found, IP 192.192.108.1 being used, SBRS 6.8
Received found, IP 192.192.108.1 being used, SBRS 6.8
6
Fri Apr 28 17:07:29 2006 Info: MID 201434 Message-ID
'<7.0.1.0.2.20060428170643.0451be40@sender.com>'
'<7.0.1.0.2.20060428170643.0451be40@sender.com>'
7
Fri Apr 28 17:07:29 2006 Info: MID 201434 Subject 'That report...'
8
Fri Apr 28 17:07:29 2006 Info: MID 201434 ready 2367 bytes from <joe@sender.com>
9
Fri Apr 28 17:07:29 2006 Info: MID 201434 matched all recipients for per-recipient policy
DEFAULT in the inbound table
DEFAULT in the inbound table
10
Fri Apr 28 17:07:34 2006 Info: ICID 210158 close
11
Fri Apr 28 17:07:35 2006 Info: MID 201434 using engine: CASE spam negative
12
Fri Apr 28 17:07:35 2006 Info: MID 201434 antivirus negative
13
Fri Apr 28 17:07:35 2006 Info: MID 201434 queued for delivery
Wed Aug 17 11:20:41 2005 Info: MID 58298 IncomingRelay(myrelay): Header Received found,
IP 192.168.230.120 being used