Cisco Cisco Content Security Management Appliance M390 Guia Do Utilizador
6-23
Cisco IronPort AsyncOS 7.2.0 for Security Management User Guide
OL-21768-01
Chapter 6 Managing the Cisco IronPort Spam Quarantine
If a message sender or domain is blocklisted, the delivery behavior depends on the
blocklist action settings. Similar to safelist delivery, the message is splintered if
there are different recipients with different safelist/blocklist settings. The
blocklisted message splinter is then quarantined or dropped, depending on the
blocklist action settings.
blocklist action settings. Similar to safelist delivery, the message is splintered if
there are different recipients with different safelist/blocklist settings. The
blocklisted message splinter is then quarantined or dropped, depending on the
blocklist action settings.
Note
You specify blocklist actions in the external spam quarantine settings on the Email
Security appliance. For more information, see
Security appliance. For more information, see
.
If you configure the blocklist action to quarantine messages, the message is
scanned and eventually quarantined. If you configure the blocklist action to delete
messages, the message is deleted immediately after safelist/blocklist scanning.
scanned and eventually quarantined. If you configure the blocklist action to delete
messages, the message is deleted immediately after safelist/blocklist scanning.
Troubleshooting Safelists and Blocklists
End users maintain their own safelists and blocklists. Administrators can access
an end user’s safelist or blocklist by logging in to the end user account with the
user’s login and password. Alternatively, an administrator can download a backup
version of the safelist/blocklist database to edit individual users’ lists.
an end user’s safelist or blocklist by logging in to the end user account with the
user’s login and password. Alternatively, an administrator can download a backup
version of the safelist/blocklist database to edit individual users’ lists.
To troubleshoot issues with safelists and blocklists, you can view the log files or
system alerts.
system alerts.
When an email message is blocked due to safelist/blocklist settings, the action is
logged in the ISQ_logs or the anti-spam log files.
logged in the ISQ_logs or the anti-spam log files.
Alerts are sent out when the database is created and updated, or if there are errors
in modifying the database or running the safelist/blocklist processes.
in modifying the database or running the safelist/blocklist processes.
For more information about alerts, see
For more information about log files, see Chapter 12, `Logging,' on page 1.
Using End User Safelists and Blocklists
End users can create safelists to ensure that messages from specified senders are
never treated as spam, and they can use blocklists to ensure that messages from
specified senders are always treated as spam. For example, an end user might
never treated as spam, and they can use blocklists to ensure that messages from
specified senders are always treated as spam. For example, an end user might