Relay mail through Cisco Spam and Virus Blocker Appliance

Similar Messages

• Spam and Virus Blocker EOL

      Can anyone confirm that come December 31, 2015 the SPAM and VIRUS Blocker will become a brick with no more updates and no ability to to filter SPAM and Viruses?
      Very troubling if true.  Money spent on a hardware platform just to have it go EOL a couple of years later.

  Which model appliance do you have?  If you have a "Blocker" which is the small business platform - EOL is listed actually 12/2011.
  If you have a C-series, or larger... EOL information for hardware is based here:
  http://www.cisco.com/web/ironport/c_x_series_life_cycle.html
  EOL information for AsyncOS revisions specific is based here:
  http://www.cisco.com/web/ironport/asyncOS_esa_eol_dates.html
  -Robert

• Selection boxes in Barracuda Anti Spam and Virus Firewall do not appear in 7.0. They appeared in previous versions, and in IE.

  Selection boxes in Barracuda Anti Spam and Virus Firewall do not appear in 7.0. They appeared in previous versions, and in IE.

  FIXED!
  I reverted back to 3.6.23 and all works fine. From everything I can tell; number of problems submitted, breadth of issues, no access to versions 4, 5, 6 (rapid version turnover with no support), and now beta being released for 8, it seems FF is having the user base do all it's alpha/beta testing without consent. Being in product marketing myself, I probably would have lost a significant percentage of my customer base by now. When FF begins to support a new mainstream release, then I'll be interested again.

• Yahoo mail - mark as spam and folder creation?

  Is there a way to mark mail in inbox as spam so yahoo knows to move these messages automatically to spam folder in the future? Since using my ipod to manage yahoo email, seems like more and more spam enters inbox because I can not mark mail as spam using iPod. And is it possible to create/delete folders for mail?

  - No, there is no way to mark as spam and et that back to Yahoo.
  - Yu can't create folders on the iPod.  If yu hav a Yahoo IMAP account, you can usually create folders usning web mail and they will appear on the iPod.  If you have the more common POP3 account then yu can't create folder that will appear on the iPod.

• With the mail problem at hand, can I relay mail through a 10.4 server?

  I read all the post and get worried not to have my mail running on 10.5. The question is, can I use an other 10.4 server that is standing here around and handles print and file sharing for the network to host also mail. I was hoping I can set on the main server the mail server domain to the 10.4 server.
  I just don't know if this is possible and if so, how?
  Thanks,
  Dave

  i got a workaround. just linked to an outside zimbra server and all mails are working. I guess we'll have to wait until this is fixed.

• Why can't I block a number through the call and message blocking request?

  Every time I try to insert a number, it keeps saying that they are unable to complete my requested change at this time.

      Jezallygrace, I want to make sure you're able to block those unwanted calls and messages. If you're still having problems with the site, we'll need to verify the feature is on your account and possibly add the block for your. If you still need assistance, please send me a private message with your mobile number.
  MarquiaF_VZW
  Follow us on Twitter @VZWSupport

• My Macbook Air have spam and virus. How can I remove ?

  When I navigate on my mac, spam page comes. They are from other Country like British. I'm very hungry, because apple says of mac never have ''virus''.

  Please post a screenshot that shows what you mean. Be careful not to include any private information.
  Start a reply to this message. Drag the image file into the editing window to upload it. You can also include text in the reply.

• Relay Outgoing Mail Through Host Not Updating

  We relay our mail through an external company and I have added the entry to Relay Outgoing Mail Through Host field and enabled the tick box. What ever I do I cannot get these changes to take affect. I have tried modifying the main.cf and enabled the relay option without any joy. After modifying these I performed a full restart but it still hasn't taken affect.
  This has been working up to now but after a power cut stopped for some reason.
  We are running Mac OS X Server 10.4.8.
  Thanks
  Ross

  I'd noticed a small glitch with the GUI during earlier testing. Might not clear things for you but worth trying...
  Set it with the Relay Outgoing Mail ticked and relay server entered - click Save.
  Wait for whirling update thingy to stop.
  Delete the relay server name then tab out of field (field fills with greyed out "relay.example.com"), only then untick the option - Save.
  Wait for whirling update thingy to stop.
  Tick the option, fill in the relay server - Save.
  If no change, people will probably need the unedited output from "postconf -n" and an example mail.log entry showing an outgoing message leaving the server.
  -david

• Spam and Safe Senders etc

  It does NOT work.
  Continually I am having to go through the spam box and remove and mark yet again messages that are safe senders though clearly setup as a safe sender.
  It simply is not possible to make enough blocked senders by blocking a user. Tomorrow simply brings even more from the same blocked senders. Done it, been there, simply doesnot work.
  In all, the mail system is a very huge step BACKWARDS from Yahoo.

  Hi Cherkhan,
  Although we have a number of measures in place to detect and manage spam, we also rely on our customers to tell us what they don't want to receive. We base a sender's reputation on what our customers tell us about the messages they receive.
  After moving to BT Mail you may notice some changes to how your email messages are managed. Email messages you would normally expect to see in your Inbox may be missing. You may also receive spam in your Inbox. We're sorry about any problems this causes during this transition period, and suggest you follow the advice below:
        If you appear to be missing emails or have not received an email you were expecting, you first need to check the Spam folder. If the email is there, remember you need to mark it as Not Spam. Likewise if you are now receiving email into your Inbox that is Spam, remember you need to mark it as such.                                                             
        If you have previously marked emails from a particular sender as spam but continue to receive emails from them they should try Blocking the Sender. Advice on how to do this can be found by clicking the Help link within BT Mail.                                                                                                                                                            
        You can also add senders to their Safe Senders list and this will ensure that emails received from this source are delivered to their Inbox or a folder of their choice. Again advice on how to do this can be found by clicking the Help link within BT Mail.                                                                                                                                         
  If you find missing emails in the Spam folder, you can select the Not spam button, or alternatively you can drag and drop the email message back into your Inbox
  Further advice can be found at BT Mail: What is spam and how do I stop spam emails?
  Thanks
  PaddyB
  BTCare Community Mod
  If we have asked you to email us with your details, please make sure you are logged in to the forum, otherwise you will not be able to see our ‘Contact Us’ link within our profiles.
  We are sorry but we are unable to deal with service/account queries via the private message(PM) function so please don't PM your account info, we need to deal with this via our email account :-)

• Slow connection in one server if accessing through Cisco ACE

  Hi,
  Good day, Can someone help me on my problem? I have 3 servers, server1, server2 and server3. When one pc accessing the server 3 application via Cisco ACE, it experienced a slow connection but when direct access without Cisco Ace, it's fast. The connection of this PC through cisco ace and direct access have no issue.
  What need to do in my configuration? Below is my configuration
  logging enable
  logging timestamp
  logging trap 7
  logging buffered 7
  logging monitor 7
  logging host 167.81.126.5 udp/514
  logging host 137.55.152.147 udp/514
  resource-class SG_01
    limit-resource all minimum 0.00 maximum unlimited
    limit-resource sticky minimum 10.00 maximum equal-to-min
  boot system image:c4710ace-mz.A3_2_0.bin
  login timeout 30
  peer hostname singapore-ace2
  hostname singapore-ace1
  interface gigabitEthernet 1/1
    channel-group 14
    no shutdown
  interface gigabitEthernet 1/2
    channel-group 14
    no shutdown
  interface gigabitEthernet 1/3
    channel-group 14
    no shutdown
  interface gigabitEthernet 1/4
    channel-group 14
    no shutdown
  interface port-channel 14
    description ISOLAN-ACE-TRUNK
    ft-port vlan 99
    switchport trunk native vlan 1
    switchport trunk allowed vlan 12,14,112
    no shutdown
  clock timezone SGT 8 0
  ntp server 137.55.152.1
  context Admin
    member SG_01
  access-list ALL line 8 extended permit ip any any
  access-list ALL line 9 extended permit icmp any any
  ip domain-name ysn.psg.philips.com
  probe http singapore_01
    description This probe used to monitor application url-app-script
    interval 5
    passdetect interval 5
    request method get url /insiteserverstatus/insiteserverstatus.aspx
    expect status 200 200
    open 1
  probe http singapore_02
    description This probe used to monitor IIS-login-page
    interval 5
    passdetect interval 5
    request method get url /InSiteLumiledsApplication/
    expect status 200 200
    open 1
  probe icmp uplink
    description This probe used in conjunction with ft track host
    interval 2
    faildetect 2
    passdetect interval 3
  parameter-map type connection PARAM_L4STICKY-IP
    exceed-mss allow
  rserver host sggysnysn1ms013
    ip address 137.55.152.135
    inservice
  rserver host sggysnysn1ms014
    ip address 137.55.152.136
    inservice
  rserver host sggysnysn1ms018
    ip address 137.55.152.145
    inservice
  serverfarm host PLI9058
    probe singapore_01
    probe singapore_02
    rserver sggysnysn1ms013
      inservice
    rserver sggysnysn1ms014
      inservice
    rserver sggysnysn1ms018
      inservice
  sticky ip-netmask 255.255.255.255 address both SG_GROUP_01
    timeout 720
    replicate sticky
    serverfarm PLI9058
  class-map type management match-any HTTPS-ALLOW_CLASS
  class-map match-all L4STICKY-IP_141:ANY_CLASS
    2 match virtual-address 137.55.152.141 any
  class-map type http loadbalance match-any NO_MS018
    50 match source-address 137.55.155.31 255.255.254.0
  class-map type management match-any SSH-ALLOW_CLASS
    2 match protocol ssh source-address 167.81.124.0 255.255.255.192
    3 match protocol ssh source-address 167.81.126.0 255.255.255.192
  class-map type management match-any remote_access
    2 match protocol xml-https any
    3 match protocol icmp any
    5 match protocol ssh any
    6 match protocol http any
    7 match protocol https any
    8 match protocol snmp any
  policy-map type management first-match remote_mgmt_allow_policy
    class remote_access
      permit
  policy-map type loadbalance first-match L7PLBSF_STICKY-NETMASK_POLICY
    class class-default
      sticky-serverfarm SG_GROUP_01
      insert-http X-Forwarded-For header-value "%is"
  policy-map multi-match PLI9058-VIPs_POLICY
    class L4STICKY-IP_141:ANY_CLASS
      loadbalance vip inservice
      loadbalance policy L7PLBSF_STICKY-NETMASK_POLICY
      loadbalance vip icmp-reply
      connection advanced-options PARAM_L4STICKY-IP
  interface vlan 12
    description Client-side vlan
    bridge-group 1
    no normalization
    mac-sticky enable
    access-group input ALL
    access-group output ALL
    service-policy input PLI9058-VIPs_POLICY
    no shutdown
  interface vlan 14
    ip address 137.55.152.236 255.255.255.248
    peer ip address 137.55.152.237 255.255.255.248
    service-policy input remote_mgmt_allow_policy
    no shutdown
  interface vlan 112
    description Server-side vlan
    bridge-group 1
    no normalization
    access-group input ALL
    access-group output ALL
    nat-pool 1 137.55.152.141 137.55.152.141 netmask 255.255.255.192 pat
    no shutdown
  interface bvi 1
    ip address 137.55.152.189 255.255.255.192
    alias 137.55.152.188 255.255.255.192
    peer ip address 137.55.152.190 255.255.255.192
    description Bridge-Group 1 Virtual Interface
    no shutdown
  ft interface vlan 99
    ip address 192.168.1.1 255.255.255.252
    peer ip address 192.168.1.2 255.255.255.252
    no shutdown
  ft peer 1
    heartbeat interval 100
    heartbeat count 10
    ft-interface vlan 99
  ft group 1
    peer 1
    priority 150
    peer priority 50
    associate-context Admin
    inservice
  ft track host test1
    track-host 137.55.152.234
    peer track-host 137.55.152.235
    peer probe uplink priority 50
    probe uplink priority 50
  ip route 0.0.0.0 0.0.0.0 137.55.152.233

  Hi Earsdale,
  All the three servers are using the same configuration, so, I'm afraid it's not possible to give you a simple answer. You will need more troubleshooting.
  I would recommend you to start by checking the differences between the servers because one of those differences is certainly causing the failure.
  Also, it would be helpful to get traffic captures on the TenGig interface of the ACE to compare the behavior of the connection when going to the different servers, as well as the differences when being load-balanced vs accessing the server directly.
  If you need help with this troubleshooting, you can always open a TAC service request
  Regards
  Daniel

• Cisco Spam & Virus Blocker

  Hello
  How is the license handled on the Spam & Virus Blocker? Our customer has approx. 120 Lotus Notes Mailboxes. But he only use 30 Mailboxes for external Mailing, the other Mailboxes are only used for calendar and internal mailing.
  Can I take a Box for 50 users or will this not work? How will the Spam & Virus Blocker handle the license?
  Thanks and regards
  Luke

  relayhost = 192.168.0.000.
  I find it extremely unlikely that IP address is valid for your network (or any network, for that matter).
  I don't know if you've masked it trying to hide the real address (there's no point since it's a private network address anyway), but just in case that is what you've set, you will need to change that to the actual IP address of the mail appliance.
  I did that and tested sending an email to an outside address but no relay.
  What do you mean by 'no relay'. Do you mean that the mail server delivered the mail without relaying it through the appliance? Or that the mail didn't get delivered at all?
  What do the log files have to say about it?

• I'm using Mail 7.3 but can't find a "Block Sender" option, as exists in Outlook, as a way to block spam and unsolicited advertising. thanks.

  I'm using Mail 7.3 but can't find a "Block Senders" option - as exists in Outlook - as a way to prevent repeated spam and advertising landing in my Inbox. Anyone have a solution for this? I've had a look at the Message Rules option but that doesn't seem to offer a fix. Thanks

  You should be able to manage the problem with Rules, if you are happy to just delete the emails without you ever seeing them.
  In Mail>Preferences>Rules, create a new rule with these options:
  Description: Give a name to the Rule, such as Delete or Block Sender
  On the line started 'If' choose 'Any' from the drop down menu and on the next line select 'From' and 'Contains', and then input the email address of the unwanted sender
  Under 'Perform the following actions' choose 'Delete'.
  As other senders you want to block send you unwanted emails you can add them to the rule by clicking the '+' sign against the line you added the email, if you have an email from that sender on screen when you edit the rule - they should appear there automatically.

• Mail Delivery System Errors and Securing/Protecting agains spam

  Good morning all.
  This morning I started recieving these:
            From:   Mail Delivery System <[email protected]>
            Subject:   [It] Postfix SMTP server: errors from imr-mb02.mx.aol.com[64.12.207.163]
            Date:   November 18, 2011 8:51:23 AM EST
            To:   Postmaster <[email protected]>
  Transcript of session follows.
  Out: 220 mail.cotaoil.com ESMTP Postfix
  In:  EHLO imr-mb02.mx.aol.com
  Out: 250-mail.cotaoil.com
  Out: 250-PIPELINING
  Out: 250-SIZE
  Out: 250-VRFY
  Out: 250-ETRN
  Out: 250-AUTH LOGIN PLAIN CRAM-MD5 GSSAPI
  Out: 250-AUTH=LOGIN PLAIN CRAM-MD5 GSSAPI
  Out: 250-STARTTLS
  Out: 250-ENHANCEDSTATUSCODES
  Out: 250-8BITMIME
  Out: 250 DSN
  In:  MAIL From:<[email protected]> SIZE=3485
  Out: 250 2.1.0 Ok
  In:  RCPT To:<[email protected]> ORCPT=rfc822;[email protected]
  Out: 451 4.3.5 Server configuration error
  In:  DATA
  Out: 554 5.5.1 Error: no valid recipients
  In:  RSET
  Out: 250 2.0.0 Ok
  In:  QUIT
  Out: 221 2.0.0 Bye
  How this started:
  Over the past couple of days to approx a week, I have seen a massive influx of Spam on our server.  Spam coming in on random ex employee names that no longer work for the company.
  Previous to the spam, I turned on "forward un-deliverable mail to" and set to me.  The CEO was missing emails because people were not spelling his name correctly.  I have actually been able tyo catch a lot of employee emails some important, others not.
  In trying to make the mail server more secure, one of the features I tried to turn on was SMTP Client Restrictions, Which broke SMTP for my users.  Obviously the error is mine and I need to do more research, but love some feedback on what needs to be set on the server and clients for SMTP client restrictions to work.
  I know THE HOFF (mr hoffman) had information at some point to help users secure postfix, can anyone point me in the right direction, as well as any tips here on how to stop the influx of spam?
  pstconf -n is here:
  alias_maps = hash:/etc/aliases,hash:/var/mailman/data/aliases
  biff = no
  body_checks = regexp:/etc/postfix/body_checks
  broken_sasl_auth_clients = yes
  command_directory = /usr/sbin
  config_directory = /etc/postfix
  content_filter = smtp-amavis:[127.0.0.1]:10024
  daemon_directory = /usr/libexec/postfix
  debug_peer_level = 2
  enable_server_options = yes
  header_checks = pcre:/etc/postfix/custom_header_checks
  html_directory = /usr/share/doc/postfix/html
  inet_interfaces = all
  local_recipient_maps =
  mail_owner = _postfix
  mailbox_size_limit = 0
  mailbox_transport = dovecot
  mailq_path = /usr/bin/mailq
  manpage_directory = /usr/share/man
  maps_rbl_domains =
  maximal_queue_lifetime = 2d
  message_size_limit = 0
  mydestination = $myhostname, localhost.$mydomain, localhost, mail.cotaoil.com, cotaoil.com, $mydomain
  mydomain = mail.cotaoil.com
  mydomain_fallback = localhost
  myhostname = mail.cotaoil.com
  mynetworks = 127.0.0.0/8,192.1.1.10,192.1.1.11
  newaliases_path = /usr/bin/newaliases
  owner_request_special = no
  queue_directory = /private/var/spool/imap/dovecot/mail
  readme_directory = /usr/share/doc/postfix
  recipient_delimiter = +
  sample_directory = /usr/share/doc/postfix/examples
  sendmail_path = /usr/sbin/sendmail
  setgid_group = _postdrop
  smtp_sasl_password_maps =
  smtpd_client_restrictions = permit_mynetworks permit_sasl_authenticated hash:/etc/postfix/smtpdreject cidr:/etc/postfix/smtpdreject.cidr reject_rbl_client zen.spamhaus.org permit
  smtpd_enforce_tls = no
  smtpd_helo_required = yes
  smtpd_helo_restrictions = reject_invalid_helo_hostname reject_non_fqdn_helo_hostname
  smtpd_pw_server_security_options = cram-md5,gssapi,login,plain
  smtpd_recipient_restrictions = permit_sasl_authenticated  permit_mynetworks   reject_unknown_recipient_domain  reject_unknown_sender_domain  reject_invalid_hostname  reject_unauth_destination check_policy_service unix:private/policy permit
  smtpd_sasl_auth_enable = yes
  smtpd_tls_CAfile = /etc/certificates/mail.cotaoil.com.8F44026B8E7E908CEDAAD718F486D91C8FCD693E.cha in.pem
  smtpd_tls_cert_file = /etc/certificates/mail.cotaoil.com.8F44026B8E7E908CEDAAD718F486D91C8FCD693E.cer t.pem
  smtpd_tls_exclude_ciphers = SSLv2, aNULL, ADH, eNULL
  smtpd_tls_key_file = /etc/certificates/mail.cotaoil.com.8F44026B8E7E908CEDAAD718F486D91C8FCD693E.key .pem
  smtpd_tls_loglevel = 0
  smtpd_use_pw_server = yes
  smtpd_use_tls = yes
  tls_random_source = dev:/dev/urandom
  unknown_local_recipient_reject_code = 550
  virtual_alias_maps =
  mail:~ administrator$

  I am not certain what you mean by immediately removing the 192.1.1.10 and 192.1.1.11, AIX servers that I use to relay admin emails to an IT address here.  Some sort of a gateway implemented on a pair of IBM boxes, I might presume. 
  192.1.1.0/24 is in a public address space that you don't have assigned (unless you're BBN).  If that IP routing leaks out, then some folks can get cranky.  Or should you eventially need to contact hosts within the address space of the "real" occupants of 192.1.1.0/24, routing won't necessarilt play nice.  There may well be a static IP route here, depending on the details of the router configuration, as otherwise that IP traffic would be going to BBN and not to those servers.  The Internet works because folks play by the rules, when working with IP routing and DNS services.  And if your predecessor used this address space (and not the likely 192.168.0.0/16 block), I'd look around to see if there were other unusual network configuration choices.
  TCP port 25 is the server-to-server mail port.  That's the main connection used among mail servers.  Blocking that has the effect that you've discovered.
  It's the clients that can also use that port that need to be relocated off the port, as the clients don't have the reverse DNS and related tests that would allow them access to that port, with various common server security configurations.
  Open TCP 587 at the firewall and ensure that this port is active at the mail server host, as a starting point.  You can test that with (among other tools) with a remote "telnet your.mail.server.host.name 587" command or similar; that's a primitive (but effective) (common) port test.
  With the Apple Mail client, make sure the SMTP server is configured to use the default SMTP ports.  Mail > Preferences > Account > Account Information > Edit SMTP Server > select the target SMTP server > Advanced > select "use the default ports (25, 465, 587)" and consider using SSL and authentication.  (Apple Mail tries a few ports automatically, so the set-up can be different than other clients.)
  I don't have enough space here for a full write-up on how mail or IP works, and setting up an arbitrary mail client or an IP network can be an adventure; I assumed the Apple mail client in the above.  See the user collaboration services disscussion of mail services in the Mac OS X Server Advanced Administration manual as some background.  (And if this stuff all looks a little cryptic, that's understandable, and you might want to consider getting some set-up help or consider moving to hosted mail services and making this stuff somebody else's problem.)

• Spam & Virus Blocker / Exchange 2007

  I have been running the Spam & Virus blocker for a month and love it. I'm in the middle of an email server migration (Ex2003 to Ex2007). I wanted the blocker to start forwarding (SMTP route) to my Ex2007 box instead of my Ex2003 box. The blocker continues to tell me that my Ex2007 box is down (Monitor - Delivery Status) and no mail gets delivered. If I bypass the blocker, mail gets delivered to Ex2007 just fine. Any ideas on how to fix this?

  Problem solved, it was an ID10T error. I was asking the blocker to SMTP route to my domain controller and not the Exchange 2007 box. Once I realized my mistake, I put the correct server name into SMTP route, and it works perfect.

• Block spam and junk TLDs

  I seem to be noticing a growing amount of spam from TLDs like .work and review. Some are getting blocked in out spam system, but some still seem to get through. Right now I block TLDs (like .work) when they cause an issue, but it seems that the issue pops up later again with different domains after some amount of time. We also have a mechanism in place for blocking snowshoe spam so it's not an issue there.
  I was just wondering how other people are handling this as it becomes a problem. We're also using several blacklists, greylisting and other tests on Exchange using Vamsoft ORF. Any thoughts? I've noticed that this is an issue on other systems as well...
  This topic first appeared in the Spiceworks Community

  Hi,
  I recommend you select different agents depending on the junk mails type to achieve your goals.
  1.Sender Filter agent   
  2.Recipient Filter agent 
  3.Sender ID agent   
  4.Content Filter agent   
  5.Protocol Analysis agent
  The following article for your reference:
  Anti-Spam Protection
  Hope it helps!
  Thanks.
  Niko Cheng
  TechNet Community Support