This document describes how the Graymail Detection and Safe Unsubscribing feature works on the Cisco Email Security Appliance (ESA).
There are no specific requirements for this document.
This document is not restricted to specific software and hardware versions.
The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.
Graymail Detection and Safe Unsubscribing Functionality
During the Graymail Safe Unsubscribe process, there are times when an end-user will see a notice in their local web browser. If you want to check the status of your request at a later point, use this link. For future reference, you can bookmark this link similar to this:
If the unsubscribe service is not able to complete the unsubscribe request in real-time, this link is provided as a status link to allow the end-user to check the status of the unsubscribe request at a later time.
The link directs to safe-unsubscribe.cisco.com (220.127.116.11), which is a pointer for an Akami hosted IP address:
The safe-unsubscribe service is currently mapped to one of these IPs:
It is also possible that the end-user will have the link re-written by the URL Rewriting (Virus Outbreak) through the Security Proxy, and the URL will show first redirecting to the domain secure-web.cisco.com (18.104.22.168), which then redirects to safe-unsubscribe.cisco.com. This is also a pointer for an Akami hosted IP address: