Руководство Пользователя для Cisco Cisco Content Security Management Appliance M160

Rate Limiting by envelope sender allows you to limit the number of email message recipients per time 
interval from an individual sender, based on the mail-from address. The Rate Limits report shows you 
the senders who most egregiously exceed this limit. 

Use this report to help you identify the following: 

Compromised user accounts that might be used to send spam in bulk. 

Out-of-control applications in your organization that use email for notifications, alerts, automated 
statements, etc. 

Sources of heavy email activity in your organization, for internal billing or resource-management 
purposes. 

Sources of large-volume inbound email traffic that might not otherwise be considered spam. 

Note that other reports that include statistics for internal senders (such as Internal Users or Outgoing 
Senders) measure only the number of messages sent; they do not identify senders of a few messages to 
a large number of recipients. 

The Top Offenders by Incident chart shows the envelope senders who most frequently attempted to send 
messages to more recipients than the configured limit. Each attempt is one incident. This chart 
aggregates incident counts from all listeners. 

The Top Offenders by Rejected Recipients chart shows the envelope senders who sent messages to the 
largest number of recipients above the configured limit. This chart aggregates recipient counts from all 
listeners. 

Rate Limiting settings, including “Rate Limit for Envelope Senders” settings, are configured on the 
Email Security appliance in Mail Policies > Mail Flow Policies. For more information on rate limiting, 
see the documentation or online help for your Email Security appliance. 

The Email > Reporting > Outbreak Filters page shows information about recent outbreaks and 
messages quarantined due to Outbreak Filters. You can use this page to monitor your defense against 
targeted virus, scam, and phishing attacks.

Use the Outbreak Filters page to answer the following types of questions:

How many messages are quarantined and by which Outbreak Filters rule?

How much lead time has the Outbreak Filters feature been providing for virus outbreaks?

How do the local outbreaks compare to the global outbreaks?

How long do messages stay in the Outbreak Quarantine? 

Which potentially malicious URLs are most frequently seen? 

The Threats By Type section shows the different types of threat messages received by the appliance. The 
Threat Summary section shows a breakdown of the messages by Virus, Phish, and Scam. 

The Past Year Outbreak Summary lists global as well as local outbreaks over the past year, allowing you 
to compare local network trends to global trends. The listing of global outbreaks is a superset of all 
outbreaks, both viral and non-viral, whereas local outbreaks are limited to virus outbreaks that have