Cisco Cisco Email Security Appliance C170
4
Release Notes for AsyncOS 9.7.1 for Cisco Email Security Appliances
Changes in Behavior
Changes in Behavior in AsyncOS 9.7
Graymail Changes
Prior to this release, if a message is graymail and outbreak filter positive,
the actions configured for graymail are not applied after the message is
released from the outbreak quarantine. The safe unsubscribe banner (if
configured) is not added in this scenario.
the actions configured for graymail are not applied after the message is
released from the outbreak quarantine. The safe unsubscribe banner (if
configured) is not added in this scenario.
After upgrading to this release, the actions configured for graymail are
applied after the message is released from the outbreak quarantine. The
safe unsubscribe banner (if configured) is added in this scenario.
applied after the message is released from the outbreak quarantine. The
safe unsubscribe banner (if configured) is added in this scenario.
Mail Policy Matching
Logic Changes
Logic Changes
Prior to this release, while matching a message to a mail policy, the
envelope sender (RFC821 MAIL FROM address) and the sender header
(address found in the RFC822 From and Reply-To) had the same priority.
As a result, if you had configured a mail policy to match a specific user,
the messages were classified into that mail policy based on the sender
header.
envelope sender (RFC821 MAIL FROM address) and the sender header
(address found in the RFC822 From and Reply-To) had the same priority.
As a result, if you had configured a mail policy to match a specific user,
the messages were classified into that mail policy based on the sender
header.
After upgrading to this release, when you match a message to a mail
policy, the envelope sender and the envelope recipient have a higher
priority over the sender header. If you configure a mail policy to match a
specific user, then the messages are automatically classified into the mail
policy based on the envelope sender and the envelope recipient.
policy, the envelope sender and the envelope recipient have a higher
priority over the sender header. If you configure a mail policy to match a
specific user, then the messages are automatically classified into the mail
policy based on the envelope sender and the envelope recipient.
Changes in Outbreak
Filter Settings
Filter Settings
While enabling Outbreak Filter on mail policies, you can now configure
the appliance to modify the message subject even when the URL
Rewriting is disabled or the Threat Disclaimer is not set.
the appliance to modify the message subject even when the URL
Rewriting is disabled or the Threat Disclaimer is not set.
Representation of the CPU
utilization
utilization
For better representation of the CPU utilization, the parameter Total CPU
Utilization is now changed to Overall CPU Load Average (Monitor >
System Status > CPU Utilization on web interface or
Utilization is now changed to Overall CPU Load Average (Monitor >
System Status > CPU Utilization on web interface or
system status
command in CLI). Overall CPU Load Average is the average of the
appliance's CPU load in the last one minute.
appliance's CPU load in the last one minute.
Changes in
Authentication-Results
Header
Authentication-Results
Header
Authentication-Results header now includes authentication results for
SPF, DKIM, and DMARC verifications.
SPF, DKIM, and DMARC verifications.
Also, to be compliant to RFC5451, if DKIM verification is enabled and a
message is not DKIM signed, the appliance now adds “none” in the
Authentication-Result header.
message is not DKIM signed, the appliance now adds “none” in the
Authentication-Result header.
Changes in URL Filtering
URLs that were formerly labeled “Suspicious” are now labeled “Neutral.”
Only the labeling has changed; the underlying logic and processing have
not changed.
Only the labeling has changed; the underlying logic and processing have
not changed.
Receive and process
messages from domains
with malformed DMARC
records
messages from domains
with malformed DMARC
records
Cisco Email Security appliance will now be able to receive and process
messages from domains with malformed DMARC records. However, the
appliance will not perform DMARC verification of such messages.
messages from domains with malformed DMARC records. However, the
appliance will not perform DMARC verification of such messages.
Character limit for SMTP
Routes Destination
Hostnames removed
Routes Destination
Hostnames removed
While setting up SMTP Routes, you can now specify destination
hostnames of more than 45 characters.
hostnames of more than 45 characters.
Content Scanner Behavior For enhanced performance, if the Image Analysis Feature is not enabled,
content scanner will not extract images embedded in attachment files.