Cisco Cisco Email Security Appliance C170
16
Release Notes for Cisco IronPort AsyncOS 7.6.1 for Email
Known Issues
52308
LDAP Test Query in Domain Assignment Fails If One or More Servers Defined
in Domain Assignments Is Unreachable.
in Domain Assignments Is Unreachable.
When you run the test query from the Domain Assignment page, the query may
erroneously tests other servers defined from the Domain Assignments page. If any
server defined in the Domain Assignments page is unreachable, the query may fail.
erroneously tests other servers defined from the Domain Assignments page. If any
server defined in the Domain Assignments page is unreachable, the query may fail.
52444
One or More Unavailable LDAP Servers Can Cause a Chain Query to Fail.
One or more unavailable LDAP servers in a chain can cause the chain query to fail.
55289
False Positives with “Transmission of Contact Information” DLP Policy.
A message signature containing the sender's contact information can result in a false
positive from the “Transmission of Contact Information” DLP policy if a reply to the
original message resulted in the sender's information appearing multiple times in the
message body. Workaround: Adjust the policy’s severity scale to increase the number
of matches before triggering the policy’s actions.
positive from the “Transmission of Contact Information” DLP policy if a reply to the
original message resulted in the sender's information appearing multiple times in the
message body. Workaround: Adjust the policy’s severity scale to increase the number
of matches before triggering the policy’s actions.
49096
AsyncOS Does Not Support Multiple RADIUS Class Attributes.
Currently, AsyncOS supports only one RADIUS class attribute per user. If a user has
more than one class attribute defined, AsyncOS provides the user access to the GUI
based on the first RADIUS class attribute only. Ensure that you carefully configure
the RADIUS server to define the user's group in the first RADIUS class attribute.
more than one class attribute defined, AsyncOS provides the user access to the GUI
based on the first RADIUS class attribute only. Ensure that you carefully configure
the RADIUS server to define the user's group in the first RADIUS class attribute.
49909
CLI Does Not Support Usernames Longer Than 16 Characters for Local and
External Authentication.
External Authentication.
Currently, the CLI does not support usernames containing 17 characters or more.
Workaround: Use a shorter username, or enter the username in the GUI, which has no
such limitation if external authentication is configured.
Workaround: Use a shorter username, or enter the username in the GUI, which has no
such limitation if external authentication is configured.
51185
External Authentication Fails if the Group Name Contain Special Characters.
External Active Directory LDAP users cannot long into the IronPort Email Security
appliance if they belong to an LDAP group that has one of the following special
characters in the group name:
appliance if they belong to an LDAP group that has one of the following special
characters in the group name:
# " < > , + \ ;
. Active Directory escapes these
characters by prepending backslashes (
\
). This issue also affects LDAP group queries.
Workaround: Manually escape these characters during configuration by adding the
backslash character (
backslash character (
\
) before the special character. For example, if the LDAP group
name is #Admin, enter
\#Admin
when mapping LDAP groups in AsyncOS.
51884
Editing a Large Content Dictionary From the GUI Causes Browser to Hang.
Attempting to edit a content dictionary that is larger than the recommended five
thousand term limit from the GUI may sometimes cause the browser to hang.
thousand term limit from the GUI may sometimes cause the browser to hang.
Workaround: If your content dictionary is larger than the five thousand term limit,
export the file, edit it, and import it again from the CLI. Do not edit larger files in the
GUI.
export the file, edit it, and import it again from the CLI. Do not edit larger files in the
GUI.
71994
Host Key Cannot Be Updated For Individual Logs via the GUI.
Instead of updating the SSH host key for SCP push for an individual log, manually
entering an SSH host key using a log subscription’s GUI page actually updates the
host key for all logs which are configured to SCP push to the given host.
entering an SSH host key using a log subscription’s GUI page actually updates the
host key for all logs which are configured to SCP push to the given host.
Table 3
Known Issues for AsyncOS 7.6.0 for Email (continued)
Defect ID
Description