Skip to content
Skip to search
Skip to footer
Products and Services
How to Buy
Find a Cisco Partner
Meet our Partners
Become a Cisco Partner
Cisco Secure Email Gateway
Obtain answers for frequently asked questions regarding your Cisco product.
9.5 and newer AsyncOS for Email Security upgrade with older certificates (MD5) communication TLSv1.2 to fail
CRES FAQ: How do I correct the "This envelope is damaged and cannot be opened" error?
CRES: SSL ciphers used
Can I allowlist or blocklist individual users via email addresses in the HAT?
Can a Message Filter divert messages to the Cisco Email Security Appliance (ESA) Spam Quarantine?
Content Security Appliances FAQ: How do you perform a packet capture on a Cisco Content Security appliance?
Do internally generated messages such as alerts and notifications get scanned by filters, anti-spam, or anti-virus?
Does AsyncOS support IPv6 on the ESA?
Does Sophos Anti-Virus treat password protected Microsoft Office documents as encrypted?
Does the ESA have the equivalent of a "hosts" file?
ESA Default IP Address Determination with Multiple Interfaces on the Same Subnet
ESA FAQ: Do I still need desktop anti-virus if I enable Sophos or McAfee Anti-Virus on my ESA?
ESA FAQ: Does the Ethernet MAC address in the configuration XML file cause problems in disaster recovery on the ESA?
ESA FAQ: How do I force a download of Sophos or McAfee Anti-Virus updates immediately?
ESA FAQ: How do you analyze intermittent mail delivery issues on the ESA?
ESA FAQ: How do you specify multiple destination hosts with the alt-mailhost action?
ESA FAQ: How do you upgrade an ESA that is in a cluster?
ESA FAQ: How to allowlist recipient or sender emails
ESA FAQ: Outbreak Filters/Virus Outbreak Filters (VOF) FAQ
ESA FAQ: What does the SBRS value of "none" mean, and how can you detect these scores?
ESA FAQ: What is a Message ID (MID), Injection Connection ID (ICID), or Delivery Connection ID (DCID)?
ESA FAQ: What is a listener?
ESA/SMA Virtual Deployment FAQ
Enable service account (enablediag) via console on the ESA/WSA/SMA
HAT Delayed Rejection FAQ
How are SMTP authentication events logged?
How can I alter what ciphers are used with the Graphical User Interface (GUI)? Can I disable SSL v2 for the GUI?
How can I identify and address a mail loop situation on the ESA?
How can I lock a user account in my domain in CRES?
How can I prevent the backend infrastructure from being exposed in outbound messages?
How can a firewall or SMTP proxy affect ESMTP services?
How do I allow some messages from a sender with a low SBRS score, but block all other messages?
How do I blocklist or drop a sending domain using Incoming Mail Policy and Content Filter?
How do I bypass encryption in a content filter and DLP?
How do I configure a relay host on the ESA for outbound mail?
How do I configure the ESA to skip anti-spam and/or anti-virus scanning for my trusted senders?
How do I control body and attachment scanning in filters?
How do I decode the X-IronPort-AV header on the ESA?
How do I filter messages that are too large?
How do I keep copies of messages matched by my message filter?
How do I match the Sender Group "ALL" with a message filter?
How do I migrate from local spam quarantine on Cisco Email Security Appliance (ESA) to central spam quarantine on Security Management Appliance (SMA)?
How do I modify the subject header to flag messages that have a low SenderBase Reputation Score (SBRS)?
How do I monitor the health of the ESA?
How do I prevent my ESA from being used as an open relay?
How do I search and view the mail logs on the ESA?
How do I stop Bounce Verification from rejecting bounces on the ESA?
How do I stop duplicate disclaimer stamping?
How do I test Bounce Verification on the ESA?
How do I test a message or content filter to ensure it is working as designed?
How do I test if my domain supports TLS with CRES?
How do I test mail and network connectivity through an ESA using smtpping?
How do I troubleshoot why a message was not received by the Cisco Secure Email Gateway?
How do you Whitelist a Trusted Sender?
How do you use LDAP Accept Query to validate the sender of relayed messages?
How do you use pscp on Microsoft Windows?
How does the Exception Table on the ESA work?
How to Install Feature Keys on Cisco ESA, WSA, and SMA?
How to Load or Migrate ESA Configuration on a Replacement ESA
How to configure Virtual Gateways?
How to extract an email from archive mbox logs on the Email Security Appliance?
How to modify the End-User Safelist/Blocklist on ESA
I have added the domain 'example.com' to the ACCEPTLIST sender group. Why is it not working?
Is it possible to apply multiple certificates on an ESA and assign them to different interfaces or listeners?
Is there a filter condition matching on the file size of single attachment(s) instead of message size?
Requirements for the PVO Migration Wizard when ESA is clustered
Restart and View the Status of Service Engines Enabled on ESA/CES
SDR: Sender Maturity FAQ
Safelist/Blocklist limitation and configuration of limits
Simple Mail Filter on How to Quarantine a Message
Solution to URL Filter Scan Failure on Emails
TLS Configuration Frequently Asked Questions for ESA
Understanding the CES SPF Record
What SMTP response codes does the ESA support?
What does "ICID lost" or "ICID close" mean?
What does the application fault 'shared/VTLStatus.py' mean?
What is Cisco Anti-Spam's catch rate, false-positive rate, and throughput?
What is UNIX mbox (mailbox) format?
What is the algorithm for certificate verification on the Cisco Email Security Appliance (ESA)?
What is the largest message size the Cisco ESA will accept?
When Does Delay Warning Messages In Bounce Profile Setting Gets Generated?
Where are logs stored on the Cisco Email Security Appliance (ESA) and how do I access them?
Why am I receiving an error when loading a Cisco Email Security Appliance (ESA) C350 configuration file to a C370?
Why are disclaimers in footer displayed as attachments?
Why are mail attachments bigger than the original file?
Why are there network errors when the ESA communicates with the syslog server?
Why do you see XXXXXXXA after EHLO and "500 #5.5.1 command not recognized" after STARTTLS?
Why does TLS negotiation from the ESA to a destination server fail despite STARTTLS being available?
Why does the Cisco Email Security Appliance (ESA) use port 25 by default when opening telnet sessions and how do I specify a different port?
Why does the ESA handle the DKIM authentication result "permfail" as "hardfail"?
Why does the LDAP group query not work with Active Directory?
All Support Documentation for this Series
Customers Also Viewed