Cisco Cisco Content Security Management Appliance M390 用户指南
4-34
AsyncOS 9.6 for Cisco Content Security Management Appliances User Guide
Chapter 4 Using Centralized Email Security Reporting
Understanding the Email Reporting Pages
authenticate using SMTP authentication, the number that failed and succeeded to authenticate the
connection using a client certificate, and the number that failed and succeeded to authenticate using the
SMTP AUTH command.
connection using a client certificate, and the number that failed and succeeded to authenticate using the
SMTP AUTH command.
The Received Recipients graph displays the number of recipients whose mail clients attempted to
authenticate their connections to the Email Security appliances to send messages using SMTP
authentication. The graph also show the number of recipients whose connections were authenticated and
the number of recipients whose connections were not authenticated.
authenticate their connections to the Email Security appliances to send messages using SMTP
authentication. The graph also show the number of recipients whose connections were authenticated and
the number of recipients whose connections were not authenticated.
The SMTP Authentication details table displays details for the domains whose users attempt to
authenticate their connections to the Email Security appliance to send messages. For each domain, you
can view the number of connection attempts using a client certificate that were successful or failed, the
number of connection attempts using the SMTP AUTH command that were successful or failed, and the
number that fell back to the SMTP AUTH after their client certificate connection attempt failed. You can
use the links at the top of the page to display this information by domain name or domain IP address.
authenticate their connections to the Email Security appliance to send messages. For each domain, you
can view the number of connection attempts using a client certificate that were successful or failed, the
number of connection attempts using the SMTP AUTH command that were successful or failed, and the
number that fell back to the SMTP AUTH after their client certificate connection attempt failed. You can
use the links at the top of the page to display this information by domain name or domain IP address.
Rate Limits Page
Rate Limiting by envelope sender allows you to limit the number of email message recipients per time
interval from an individual sender, based on the mail-from address. The Rate Limits report shows you
the senders who most egregiously exceed this limit.
interval from an individual sender, based on the mail-from address. The Rate Limits report shows you
the senders who most egregiously exceed this limit.
Use this report to help you identify the following:
•
Compromised user accounts that might be used to send spam in bulk.
•
Out-of-control applications in your organization that use email for notifications, alerts, automated
statements, etc.
statements, etc.
•
Sources of heavy email activity in your organization, for internal billing or resource-management
purposes.
purposes.
•
Sources of large-volume inbound email traffic that might not otherwise be considered spam.
Note that other reports that include statistics for internal senders (such as Internal Users or Outgoing
Senders) measure only the number of messages sent; they do not identify senders of a few messages to
a large number of recipients.
Senders) measure only the number of messages sent; they do not identify senders of a few messages to
a large number of recipients.
The Top Offenders by Incident chart shows the envelope senders who most frequently attempted to send
messages to more recipients than the configured limit. Each attempt is one incident. This chart
aggregates incident counts from all listeners.
messages to more recipients than the configured limit. Each attempt is one incident. This chart
aggregates incident counts from all listeners.
The Top Offenders by Rejected Recipients chart shows the envelope senders who sent messages to the
largest number of recipients above the configured limit. This chart aggregates recipient counts from all
listeners.
largest number of recipients above the configured limit. This chart aggregates recipient counts from all
listeners.
Rate Limiting settings, including “Rate Limit for Envelope Senders” settings, are configured on the
Email Security appliance in Mail Policies > Mail Flow Policies. For more information on rate limiting,
see the documentation or online help for your Email Security appliance.
Email Security appliance in Mail Policies > Mail Flow Policies. For more information on rate limiting,
see the documentation or online help for your Email Security appliance.
Related Topics
•