Cisco Cisco Email Security Appliance C160 Mode D'Emploi

Malicious URLs and messages containing marketing links are not caught by the anti-spam or 

outbreak filters. 

This can occur because web site reputation and category are only two among many criteria that 
anti-spam and outbreak filters use to determine their verdicts. You can increase the sensitivity of 
these filters by lowering the thresholds required to take action such as rewriting or replacing URLs 
with text, or quarantining or dropping messages. For details, see 

. Alternatively, create content 

or message filters based on URL reputation score. 

This can also occur if the Email Security appliance is unable to connect to the Cisco Web Security 
Services. See 

. 

The defined action in a content or message filter based on URL category is not applied. 

Use the Trace feature (described in the Troubleshooting chapter) to follow the message processing 
path. 

This can occur if the Email Security appliance is unable to connect to the Cisco Web Security 
Services. See 

. 

If there are no connection issues, the URLs may not yet be categorized, or may be miscategorized. 
See 

. You can use this site to 

determine the category of a URL. 

A malicious URL was redirected to the Cisco Web Security Proxy, but the end user was able to 

access the site anyway. 

This can occur if: 

The site was not yet identified as a malicious site.  

The connection to the Cisco Web Security Proxy timed out, which should be a rare occurrence. 
Ensure that network issues are not interfering with the connection. 

Use this procedure if the appliance is unable to automatically obtain a certificate for communication with 
Cisco Web Security Services.