CLI Reference Guide for AsyncOS 9.7 for Cisco Email Security Appliances
October 13, 2015

Cisco Systems, Inc.
www.cisco.com
Cisco has more than 200 offices worldwide. Addresses, phone numbers, and fax numbers are listed on the Cisco website at www.cisco.com/go/offices.
Preface

The instructions in this book are designed for an experienced system administrator with knowledge of networking and email administration.

Before you Read this Book

Note: If you have already cabled your appliance to your network, ensure that the default IP address for the appliance does not conflict with other IP addresses on your network. The IP address assigned to the Management port by the factory is 192.168.42.42.
Typographic Conventions

Typeface or Symbol: AaBbCc123

Meaning: The names of commands, files, and directories; on-screen computer output.
Example: Please choose an IP interface for this Listener.

Meaning: What you type, when contrasted with on-screen computer output.
Example:
mail3.example.com> commit
Please enter some comments describing your changes:
[]> Changed the system hostname

Meaning: Book titles, new words or terms, words to be emphasized. Command line variable; replace with a real name or value.
Cisco Support Community

Cisco Support Community is an online forum for Cisco customers, partners, and employees. It provides a place to discuss general content security issues, as well as technical information about specific Cisco products. You can post topics to the forum to ask questions and share information with other users. Access the Cisco Support Community for Email Security appliances at: https://supportforums.cisco.
CHAPTER 1
CLI Quick Reference Guide

Use the tables to locate the appropriate CLI command, a brief description, and its availability on the C-, X-, and M-Series platforms.
• CLI Commands (No Commit Required)
• CLI Commands (Commit Required)
CLI Commands (No Commit Required)

CLI Command | Description | Platform Availability
antispamstatus | Display Anti-Spam status | C- and X- Series
antispamupdate | Manually update spam definitions | C- and X- Series
antivirusstatus | Display anti-virus status | C- and X- Series
antivirusupdate | Manually update virus definitions | C- and X- Series
archivemessage | Archives older messages in your queue.
help or h or ? | Help | C-, X-, and M-Series
hostrate | Monitor activity for a particular host | C-, X-, and M-Series
hoststatus | Get the status of the given hostname | C-, X-, and M-Series
last | Display who has recently logged into the system | C-, X-, and M-Series
ldapflush | Flush any cached LDAP results | C- and X- Series
ldaptest | Perform a single LDAP query test | C- and X- Series
loadlicense | Load a virtual appliance license | All vi
showrecipients | Show messages from the queue by recipient host, Envelope From address, or all messages | C- and X- Series
shutdown | Shut down the system to power off | C-, X-, and M-Series
slblconfig | Configure Safelist/Blocklist settings | C- and X-Series
status | System status | C-, X-, and M-Series
supportrequest | Send a message to Cisco TAC | C-, X-, and M-Series
supportrequeststatus | Display Support Request Keywords version informa
CLI Commands (Commit Required)

CLI Command | Description | Platform Availability
addressconfig | Configure From: addresses for system generated mail | C-, X-, and M- Series
addresslistconfig | Configure address lists | C- and X- Series
adminaccessconfig | Configure network access list and banner login | C- and X- Series
aggregatorconfig | Configure address of the Cisco Aggregator Server | C- and X- Series
alertconfig | Configure email alerts | C-
healthconfig | Configure the threshold of various health parameters of your appliance | C-, X-, and M- Series
imageanalysisconfig | Configure the IronPort Image Analysis settings | C-, X-, and M- Series
incomingrelayconfig | Configure Incoming Relays | C- and X- Series
interfaceconfig | Configure Ethernet IP addresses | C-, X-, and M- Series
ldapconfig | Configure LDAP servers | C- and X- Series
listenerconfig | Configure mail listeners | C- and
userconfig | Manage user accounts and connections to external authentication sources. | C-, X-, and M- Series
websecurityadvancedconfig | Configure advanced settings for URL filtering | C-, X-, and M- Series
websecurityconfig | Configure global settings for URL filtering | C-, X-, and M- Series
CHAPTER 2
Command Line Interface: The Basics

This chapter contains the following sections:
• Accessing the Command Line Interface (CLI)
• Batch Commands

Accessing the Command Line Interface (CLI)

The Command Line Interface is accessible via SSH or Telnet on IP interfaces that have been configured with these services enabled, or via terminal emulation software on the serial port. By factory default, SSH and Telnet are configured on the Management port.
Command Line Interface Conventions

This section describes the rules and conventions of the AsyncOS CLI.

Command Prompt

The top-level command prompt consists of the fully qualified hostname, followed by the greater than (>) symbol, followed by a space. For example:

mail3.example.
Command Syntax

When operating in the interactive mode, the CLI command syntax consists of single commands with no white spaces and no arguments or parameters. For example:

mail3.example.com> systemsetup

Select Lists

When you are presented with multiple choices for input, some commands use numbered lists. Enter the number of the selection at the prompt. For example:

Log level:
1. Error
2. Warning
3. Information
4.
Escape

You can use the Control-C keyboard shortcut at any time within a subcommand to immediately exit and return to the top level of the CLI.

History

The CLI keeps a history of all commands you type during a session. Use the Up and Down arrow keys on your keyboard, or the Control-P and Control-N key combinations, to scroll through a running list of the recently-used commands.

mail3.example.
Note: Not all commands require the commit command to be run. See Chapter 1, “CLI Quick Reference Guide” for a summary of commands that require commit to be run before their changes take effect. Exiting the CLI session, system shutdown, reboot, failure, or issuing the clear command clears changes that have not yet been committed.
Quitting the Command Line Interface Session

The quit command logs you out of the CLI application. Configuration changes that have not been committed are cleared. The quit command has no effect on email operations. Logout is logged into the log files. (Typing exit is the same as typing quit.)

mail3.example.com> quit
Configuration changes entered but not committed. Exiting will lose changes.
Type 'commit' at the command prompt to commit changes.
Choose the operation you want to perform:
- NEW - Create a new listener.
- EDIT - Modify a listener.
- DELETE - Remove a listener.
- SETUP - Change global settings.
[]> edit

Enter the name or number of the listener you wish to edit.
[]> IncomingMail

Choose the operation you want to perform:
- NAME - Change the name of the listener.
- INTERFACE - Change the interface.
- LIMITS - Change the injection limits.
- SETUP - Configure general options.
- MOVE - Move an entry.
- DEFAULT - Set the defaults.
- PRINT - Display the table.
- IMPORT - Import a table from a file.
- EXPORT - Export the table to a file.
- CLEAR - Remove all entries.
[]> NEW

1. New Sender Group
2. New Policy
[1]> 1

Enter a name for this sender group. (optional)
[]> REDLIST

Enter the hosts to add. CIDR addresses such as 10.1.1.0/24 are allowed.
IP address ranges such as 10.1.1.10-20 are allowed. IP subnets such as 10.2.
4. TCP Refuse
5. Continue
6. Policy: ACCEPTED
7. Policy: BLOCKED
8. Policy: THROTTLED
9. Policy: TRUSTED
[1]> 8

Enter a comment for this sender group.
[]>

There are currently 4 policies defined.
There are currently 6 sender groups.

To perform the same action using a CLI batch command:

example.com> listenerconfig edit IncomingMail hostaccess new sendergroup REDLIST possible_spammer.com Policy: "THROTTLED"
CHAPTER 3
The Commands: Reference Examples

This chapter contains the following sections:
• Advanced Malware Protection
• Anti-Spam
• Graymail Detection and Safe Unsubscribing
• Anti-Virus
• Command Line Management
• Configuration File Management
• Cluster Management
• Data Loss Prevention
• S/MIME Security Services
• Domain Keys
• DMARC Verification
• DNS
How to Read the Listing

For each command, there is a description and at least one example of the command being used. The Usage section specifies the following command attributes:

Step 1  Does the command require a commit command to be implemented on the appliance?
Step 2  Is the command restricted to a particular mode (cluster, group, or machine)?
- SETUP - Configure Advanced-Malware protection service.
[]> setup

File Reputation: Disabled
Would you like to use File Reputation? [Y]>
Would you like to use File Analysis? [Y]>
File types supported for File Analysis:
1. Microsoft Executables
Do you want to modify the file types selected for File Analysis? [N]>
Specify AMP processing timeout (in seconds)
[120]>
Advanced-Malware protection is now enabled on the system.
[]> advanced

Enter cloud query timeout?
[15]>
Enter cloud domain?
[cloud-domain.com]>
Enter reputation cloud server pool?
[cloud-server-pool.com]>
Do you want use the recommended reputation threshold from cloud service? [Y]>
Choose a file analysis server:
1. AMERICAS (https://americas-fa.com)
2. Private Cloud
[1]>
...
- ADVANCED - Set values for AMP parameters (Advanced configuration).
- VIEWGROUP - view the group members details.
- CLEARCACHE - Clears the local File Reputation cache.
[]>

Note: After you configure an appliance group, you cannot use the setgroup subcommand. If you need to modify the group for any reason, you must open a case with Cisco TAC. You can view the details of the appliance group using the viewgroup subcommand.
- ADVANCED - Set values for AMP parameters (Advanced configuration).
- CLEARCACHE - Clears the local File Reputation cache.
[]>

Clearing Local File Reputation Cache

mail.example.com> ampconfig

File Reputation: Enabled
File Analysis: Enabled
File types selected for File Analysis:
Microsoft Windows / DOS Executable

Choose the operation you want to perform:
- SETUP - Configure Advanced-Malware protection service.
Batch Command: This command does not support a batch format.

Example

The following example demonstrates the configuration for Anti-Spam functionality.

mail3.example.com> antispamconfig

Choose the operation you want to perform:
- IRONPORT - Configure IronPort Anti-Spam.
- CLOUDMARK - Configure Cloudmark Service Provider Edition.
- MULTISCAN - Configure IronPort Intelligent Multi-Scan.
antispamstatus

Description

Display anti-spam status.

Usage

Commit: This command does not require a ‘commit’.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
Batch Command: This command does not support a batch format.

Example

mail3.example.com> antispamstatus

Choose the operation you want to perform:
- IRONPORT - Display IronPort Anti-Spam version and rule information.
Example

mail3.example.com> antispamupdate

Choose the operation you want to perform:
- MULTISCAN - Request updates for Intelligent Multi-Scan
- IRONPORT - Request updates for IronPort Anti-Spam
- CLOUDMARK - Request updates for Cloudmark Anti-Spam
[]> ironport

Requesting check for new CASE definitions

incomingrelayconfig

Description

Use the incomingrelayconfig command to enable and configure the Incoming Relays feature.
[]> relaylist

There are no relays defined.

Choose the operation you want to perform:
- NEW - Create a new entry
[]> new

Enter a name for this incoming relay (Ex: "first-hop")
[]> first-hop

Enter the IP address of the incoming relay. IPv4 and IPv6 addresses are supported.
For IPv4, CIDR format subnets such as 10.1.1.0/24, IP address ranges such as 10.1.1.10-20, and subnets such as 10.2.3. are allowed.
For IPv4, CIDR format subnets such as 10.1.1.0/24, IP address ranges such as 10.1.1.10-20, and subnets such as 10.2.3. are allowed.
For IPv6, CIDR format subnets such as 2001:db8::/32 and IP address ranges such as 2001:db8::1-2001:db8::11 are allowed.
Hostnames such as crm.example.com and partial hostnames such as .example.com are allowed.
[]> 192.168.1.
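The host formats that the incoming relay prompt above (and the sender group prompt in Chapter 2) accept can be checked offline before they are typed in. The following is an added example, not part of the Cisco guide: it classifies each entry and reports how many addresses it covers, so an unexpectedly broad relay or sender group entry stands out. It assumes that 10.1.1.10-20 is a last-octet range and that a trailing-dot subnet such as 10.2.3. covers every address under that prefix; the function names, the threshold and the sample entries are constructed for illustration.

```python
import ipaddress
import re

# One DNS label: letters, digits, hyphens; no leading or trailing hyphen.
HOST_LABEL = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")
V4_RANGE = re.compile(r"(\d{1,3}\.\d{1,3}\.\d{1,3}\.)(\d{1,3})-(\d{1,3})")
V4_PARTIAL = re.compile(r"(?:\d{1,3}\.){1,3}")


def classify_entry(entry):
    """Return (kind, address_count); the count is None for name-based entries."""
    entry = entry.strip()
    if not entry:
        raise ValueError("empty entry")
    if "/" in entry:                                  # CIDR, IPv4 or IPv6
        net = ipaddress.ip_network(entry, strict=False)
        return ("ipv%d-cidr" % net.version, net.num_addresses)
    if ":" in entry and "-" in entry:                 # 2001:db8::1-2001:db8::11
        lo_s, hi_s = entry.split("-", 1)
        lo, hi = ipaddress.IPv6Address(lo_s), ipaddress.IPv6Address(hi_s)
        if hi < lo:
            raise ValueError("range end is below range start")
        return ("ipv6-range", int(hi) - int(lo) + 1)
    m = V4_RANGE.fullmatch(entry)                     # 10.1.1.10-20 (assumed last octet)
    if m:
        lo = ipaddress.IPv4Address(m.group(1) + m.group(2))
        hi = ipaddress.IPv4Address(m.group(1) + m.group(3))
        if hi < lo:
            raise ValueError("range end is below range start")
        return ("ipv4-range", int(hi) - int(lo) + 1)
    if V4_PARTIAL.fullmatch(entry):                   # 10.2.3. (assumed whole prefix)
        octets = entry.rstrip(".").split(".")
        if any(int(o) > 255 for o in octets):
            raise ValueError("octet out of range")
        return ("ipv4-partial", 256 ** (4 - len(octets)))
    try:                                              # single address
        addr = ipaddress.ip_address(entry)
        return ("ipv%d-address" % addr.version, 1)
    except ValueError:
        pass
    name = entry[1:] if entry.startswith(".") else entry
    labels = name.split(".")
    if (len(labels) >= 2 and all(HOST_LABEL.match(l) for l in labels)
            and not labels[-1].isdigit()):
        kind = "partial-hostname" if entry.startswith(".") else "hostname"
        return (kind, None)
    raise ValueError("not a recognised host format")


def review(entries, max_addresses=256):
    """List entries that are invalid, name-based, or wider than max_addresses."""
    findings = []
    for entry in entries:
        try:
            kind, count = classify_entry(entry)
        except ValueError as exc:
            findings.append((entry, "invalid", str(exc)))
            continue
        if count is None:
            findings.append((entry, kind, "name-based, cannot be sized offline"))
        elif count > max_addresses:
            findings.append((entry, kind, "covers %d addresses" % count))
    return findings


# Constructed sample input, not taken from a real appliance.
SAMPLE_ENTRIES = ["10.1.1.0/24", "10.1.1.10-20", "10.2.", "2001:db8::/32",
                  "crm.example.com", ".example.com", "10.1.1.300"]

if __name__ == "__main__":
    for finding in review(SAMPLE_ENTRIES):
        print(finding)
```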
slblconfig

Description

Configure End-User Safelist/Blocklist.

Note: Safelists/Blocklists must be enabled on the appliance via the GUI in order to run this command.

Usage

Commit: This command does not require a ‘commit’.
Batch Command: This command supports a batch format.

Batch Format - Import

Batch Format

Replaces all entries in the End-User Safelist/Blocklist with entries present in the specified file.
1. slbl.csv
Choose the file to import from.
[1]> 1

Do you want to ignore invalid entries? [Y]> Y

End-User Safelist/Blocklist import has been initiated...
Please wait while this operation executes.
End-User Safelist/Blocklist successfully imported.

Choose the operation you want to perform:
- IMPORT - Replace all entries in the End-User Safelist/Blocklist.
- EXPORT - Export all entries from the End-User Safelist/Blocklist.
Example

Graymail Detection: Disabled

Choose the operation you want to perform:
- SETUP - Configure Graymail.
[]> setup

Would you like to use Graymail Detection? [Y]>

Increasing the following size settings may result in decreased performance. Please consult documentation for size recommendations based on your environment.
graymailupdate

Description

Manually request update of the graymail rules.

Usage

Commit: This command does not require a ‘commit’.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
Batch Command: This command does not support a batch format.

Example

mail.example.com> graymailupdate

Requesting check for new Graymail updates.
Note: The first time you invoke the antivirusconfig command, you may be presented with a license agreement, if you did not accept the license during the systemsetup command. If you do not accept the license agreement, the Sophos virus scanning engine will not be enabled on the appliance.

mail3.example.com> antivirusconfig

Choose the operation you want to perform:
- SOPHOS - Configure Sophos Anti-Virus.
- MCAFEE - Configure McAfee Anti-Virus.
Sophos Anti-Virus:
Product - 3.87
Engine - 2.25.0
Product Date - 01 Nov 2004

Sophos IDEs currently on the system:
'Mkar-E.Ide'      Virus Sig.
'Rbot-Sd.Ide'     Virus Sig.
'Santy-A.Ide'     Virus Sig.
'Bacbanan.Ide'    Virus Sig.
'Rbot-Sb.Ide'     Virus Sig.
'Rbotry.Ide'      Virus Sig.
'Sdbot-Si.Ide'    Virus Sig.
'Oddbob-A.Ide'    Virus Sig.
'Rbot-Rw.Ide'     Virus Sig.
'Wortd.Ide'       Virus Sig.
'Delf-Jb.Ide'     Virus Sig.
[...command continues...]
antivirusupdate

Description

Manually update virus definitions.

Usage

Commit: This command does not require a ‘commit’.
Cluster Management: This command is restricted to machine mode. It is further restricted to the login host (i.e., the specific machine you are logged onto).
Batch Command: This command does not support a batch format.

Example

mail3.example.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
Batch Command: This command does not support a batch format.

Example

mail3.example.
Example

mail3.example.com> clear

Are you sure you want to clear all changes since the last commit? [Y]> y

Changes cleared: Mon Jan 01 12:00:01 2003
mail3.example.com>

help or h or ?

Description

The help command lists all available CLI commands and gives a brief description of each command. The help command can be invoked by typing either help or a single question mark (?) at the command prompt.
4. Fri May 23 05:45:51 2014 admin edit user

Enter the number of the config to revert to.
[]> 2

Are you sure you want to roll back the configuration? [N]> y

Reverted to Fri May 23 06:50:57 2014 admin
Do you want to commit this configuration now? [N]> y
rollback
Committed the changes successfully

quit or q or exit

Description

The quit command logs you out of the CLI application.
loadconfig

Description

Load a configuration file.

Note: Loading configuration on clustered machines is supported only using GUI. For instructions, see User Guide for AsyncOS for Cisco Email Security Appliances.

Usage

Commit: This command requires a ‘commit’.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
mail3.example.com> systemsetup
[The system setup wizard is run.]
mail3.example.
resetconfig

Description

When physically transferring the appliance, you may want to start with factory defaults. The resetconfig command resets all configuration values to factory defaults. This command is extremely destructive, and it should only be used when you are transferring the unit or as a last resort to solving configuration issues.
saveconfig

Description

The saveconfig command saves the configuration file with a unique filename to the configuration directory.

Note: If you are in a clustered environment, this command saves the complete cluster configuration. To run this command on a clustered machine, change your configuration mode to cluster.

Usage

Commit: This command does not require a ‘commit’.
Example

In the following example, the configuration is displayed on the CLI and the passwords in the configuration are encrypted.

mail.example.com> showconfig

Choose the password display option:
1. Mask passwords (Files with masked passwords cannot be loaded using loadconfig command)
2. Encrypt passwords
3. Plain passwords
[1]> 2
• clusterconfig join [--port=xx] [] — This will add this machine to a cluster.
  - The IP address of another machine in the cluster.
  - The admin password of the cluster. This should not be specified if joining over CCS.
  - The name of the group to join.
  - The port of the remote machine to connect to (defaults to 22).
  - The SSH user key from the "prepjoin print" command from the joining machine.
• clusterconfig prepjoin delete — This will remove a host that was previously indicated to be added from the "prepjoin new" command. This is only necessary to be used if you later decide not to add the host. When a host is successfully added to the cluster, its prepjoin information is automatically removed.
Usage

Commit: This command does not require a ‘commit’.
Cluster Management: This command can be used at cluster, group or machine mode.
Batch Command: This command does not support a batch format.

Example

mail.example.com> dlprollback

This will revert to older DLP policies.
IMPORTANT: After rollback, you must re-enable DLP policies in Outbound Mail Policies so that DLP scanning can be resumed successfully.
Note: DLP must already be configured via the DLP Global Settings page in the GUI before you can use the dlpupdate command.

Usage

Commit: This command does not require a ‘commit’.
Cluster Management: This command can be used at cluster, group or machine mode.
Batch Command: This command supports a batch format.

Batch Format

The batch format of the dlpupdate command forces an update of the DLP engine even if no changes are detected.
Note: RSA Enterprise Manager must already be configured via the DLP Global Settings page in the GUI before you can use the emconfig command. You cannot enable this functionality using the CLI, only edit the existing settings.

Usage

Commit: This command requires a ‘commit’.
Cluster Management: This command can be used at cluster, group or machine mode.
Batch Command: This command does not support a batch format.
[20002]>
Enable SSL communication to EM [N]>

Advanced Settings:
RSA Enterprise Manager GUID: emlocalsite
Device Vendor name: Cisco Systems
Device Status Interval: 5 seconds
Polling Cycle Interval: 30 seconds
Connection Throttle Interval: 0 milliseconds
Max event archive size: 31457280 bytes
Max files in event archive: 50
Max file size in event archive: 10485760 MB
Max size of event.
Usage

Commit: This command requires a ‘commit’.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
Batch Command: This command does not support a batch format.
3. Split
Enter S/MIME action:
[1]> 3

Choose the operation you want to perform:
- NEW - Create a new S/MIME sending profile.
- EDIT - Edit a S/MIME sending profile.
- RENAME - Rename a S/MIME sending profile.
- DELETE - Delete a S/MIME sending profile.
- IMPORT - Import a S/MIME sending profile from a file
- EXPORT - Export a S/MIME sending profile to a file
- PRINT - Display S/MIME sending profiles.
. C=IN,ST=KA,L=BN,O=Cisco,OU=stg,CN=cert_for_enc,emailAddress=admin@example.com

Choose the operation you want to perform:
- NEW - Create a new S/MIME Public Key.
- EDIT - Edit a S/MIME Public Key.
- RENAME - Rename a S/MIME Public Key.
- DELETE - Delete a S/MIME Public Key.
- IMPORT - Import the list of S/MIME Public Keys from a file.
- EXPORT - Export the list of S/MIME Public Keys to a file.
- PRINT - Display S/MIME Public Keys.
Table 3-2 domainkeysconfig New Signing Profile Arguments

Argument | Description
- Name of domain profile.
- Type of domain. Can be dk or dkim.
- Domain field of domain profile. This forms the d tag of the Domain-Keys signature.
- Selector field of domain profile. This forms the s tag of the Domain-Keys signature.
- Comma separated list of domain profile users.
Table 3-2 domainkeysconfig New Signing Profile Arguments

Argument | Description
--agent_identity | The identity of the user or agent on behalf of which this message is signed. The syntax is a standard email address where the local-part may be omitted. Domain part of this address should be a sub-domain of or equal to the . This option is only applicable if --i_tag value is set to yes.
– qtag
– ttag
– xtag []
– ztag
– new
– delete
– print
– clear
• Delete a signing profile:
domainkeysconfig profiles signing delete
• Show a list of signing profiles:
domainkeysconfig profiles signing list
• Print the details of a signing profile:
domainkeysconfig profiles signing print
• Test a signing profile:
domainkeysconfig profiles signing test
Table 3-3 domainkeysconfig Verification Profile Options

Argument | Description
--name | The name of DKIM verification profile.
--min_key_size | The smallest key to be accepted. Possible key-length values (in bits) are 512, 768, 1024, 1536 and 2048. Default is 512.
--max_key_size | The largest key to be accepted. Possible key-length values (in bits) are 512, 768, 1024, 1536 and 2048. Default is 2048.
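What --min_key_size and --max_key_size decide, as an added example that is not part of the Cisco guide: the code reads the RSA modulus length out of a DKIM key record's p= tag and compares it with the profile bounds, defaulting to the 512 and 2048 given in Table 3-3. The function names and the sample records are constructed here; the sample moduli only have the right bit length and are not usable keys.

```python
import base64


def _read_tlv(buf, pos):
    """Read one DER element at pos; return (tag, value, next_pos)."""
    if pos + 2 > len(buf):
        raise ValueError("truncated DER header")
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:                        # long form: low 7 bits count the length bytes
        n = length & 0x7F
        if n == 0 or pos + n > len(buf):
            raise ValueError("bad DER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("truncated DER element")
    return tag, buf[pos:pos + length], pos + length


def rsa_key_bits(spki_der):
    """Modulus size in bits of an RSA SubjectPublicKeyInfo (the decoded p= value)."""
    tag, spki, _ = _read_tlv(spki_der, 0)    # SubjectPublicKeyInfo SEQUENCE
    if tag != 0x30:
        raise ValueError("not a SEQUENCE")
    _, _, pos = _read_tlv(spki, 0)           # AlgorithmIdentifier, skipped
    tag, bits, _ = _read_tlv(spki, pos)      # BIT STRING wrapping RSAPublicKey
    if tag != 0x03 or bits[:1] != b"\x00":
        raise ValueError("unexpected public key encoding")
    tag, rsa, _ = _read_tlv(bits, 1)         # RSAPublicKey SEQUENCE
    if tag != 0x30:
        raise ValueError("RSAPublicKey not found")
    tag, modulus, _ = _read_tlv(rsa, 0)      # first INTEGER is the modulus
    if tag != 0x02:
        raise ValueError("modulus not found")
    return int.from_bytes(modulus, "big").bit_length()


def parse_dkim_record(txt):
    """Split a DKIM key record into its tag=value pairs."""
    tags = {}
    for part in txt.split(";"):
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip()] = "".join(value.split())   # drop folding whitespace
    return tags


def check_key(txt, min_key_size=512, max_key_size=2048):
    """Return (verdict, bits) for a key record against the profile bounds."""
    tags = parse_dkim_record(txt)
    if tags.get("k", "rsa") != "rsa":
        return ("not-rsa", None)
    if not tags.get("p"):
        return ("revoked", None)             # empty p= marks a revoked key (RFC 6376)
    bits = rsa_key_bits(base64.b64decode(tags["p"], validate=True))
    if bits < min_key_size:
        return ("too-small", bits)
    if bits > max_key_size:
        return ("too-large", bits)
    return ("accepted", bits)


def _der(tag, body):
    """Encode one DER element (used only to build the constructed samples)."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    ln = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([tag, 0x80 | len(ln)]) + ln + body


def _der_int(value):
    return _der(0x02, value.to_bytes(value.bit_length() // 8 + 1, "big"))


def sample_record(bits):
    """Constructed record: the modulus has the requested size but is not a real key."""
    modulus = (1 << (bits - 1)) | 1
    rsa = _der(0x30, _der_int(modulus) + _der_int(65537))
    alg = _der(0x30, bytes.fromhex("06092a864886f70d0101010500"))  # rsaEncryption, NULL
    spki = _der(0x30, alg + _der(0x03, b"\x00" + rsa))
    return "v=DKIM1; k=rsa; p=" + base64.b64encode(spki).decode()


if __name__ == "__main__":
    for size in (512, 1024, 4096):
        record = sample_record(size)
        print(size, check_key(record), check_key(record, min_key_size=1024))
```

RFC 8301 tells verifiers not to treat signatures made with RSA keys shorter than 1024 bits as valid, which is why the output shows a 1024-bit floor next to the default of 512.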
• Delete a verification profile:
domainkeysconfig profiles verification delete
• Print details of an existing verification profile:
domainkeysconfig profiles verification print
• Display a list of existing verification profiles:
domainkeysconfig profiles verification list
• Import a file of verification profiles from a local machine:
domainkeysconfig profiles verification import
• Export the verification profiles fro
• Rename an existing signing key:
domainkeysconfig keys edit rename
• To specify a public key:
domainkeysconfig keys publickey
• Delete a key:
domainkeysconfig keys delete
• Display a list of all signing keys:
domainkeysconfig keys list
• Display all information about a specific signing key:
domainkeysconfig keys print
• Import signing keys from a local machine:
domainkeysconfig keys imp
– --sign_generated_msgs - Specify whether to sign system-generated messages. Possible values are yes or no.

Example: Configuring Domain Keys via the CLI

Use the domainkeysconfig command in the CLI to configure Domain Keys on your appliance. The domainkeysconfig command has all of the features of the Mail Policies -> Domain Keys page. It also provides the ability to generate a sample Domain Keys DNS TXT record.
- IMPORT - Import signing keys from a file.
- EXPORT - Export signing keys to a file.
- CLEAR - Clear all signing keys.
[]>

Number of DK/DKIM Signing Profiles: 0
Number of Signing Keys: 1
Number of DKIM Verification Profiles: 1
Sign System-Generated Messages: Yes

Choose the operation you want to perform:
- PROFILES - Manage domain profiles.
- KEYS - Manage signing keys.
- SETUP - Change global settings.
- SEARCH - Search for domain profile or key.
3. Enter key at later time
4. Select existing key
[1]> 4

Enter the name or number of a signing key.
1. testkey
[1]>

The canonicalization algorithm is the method by which the headers and content are prepared for presentation to the signing algorithm. Possible choices are "simple" and "relaxed".

Select canonicalization algorithm for body:
1. simple
2. relaxed
[1]> 1

How would you like to sign headers:
1.
- CLEAR - Clear all domain profiles.
[]>

Choose the operation you want to perform:
- SIGNING - Manage signing profiles.
- VERIFICATION - Manage verification profiles.
[]>

Number of DK/DKIM Signing Profiles: 1
Number of Signing Keys: 1
Number of DKIM Verification Profiles: 1
Sign System-Generated Messages: Yes

Choose the operation you want to perform:
- PROFILES - Manage domain profiles.
- KEYS - Manage signing keys.
- SETUP - Change global settings.
[1]>

The answers to the following questions will be used to construct DKIM text record for DNS. It can be used to publish information about this profile.
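The "simple" and "relaxed" canonicalization choices offered when creating a signing profile decide how much in-transit reformatting a signature tolerates. The following is an added example, not code from the appliance or from Cisco: it implements the body and header canonicalization rules of RFC 6376 and shows a relayed body whose hash survives only under "relaxed". The sample messages and function names are constructed for illustration.

```python
"""DKIM canonicalization per RFC 6376, sections 3.4.1 to 3.4.4 (added example)."""
import base64
import hashlib
import re

CRLF = b"\r\n"
WSP_RUN = re.compile(rb"[ \t]+")


def body_simple(body: bytes) -> bytes:
    """'simple': ignore empty lines at the end of the body, change nothing else."""
    while body.endswith(CRLF):
        body = body[:-2]
    return body + CRLF  # an empty body canonicalizes to a single CRLF


def body_relaxed(body: bytes) -> bytes:
    """'relaxed': collapse runs of whitespace, drop trailing whitespace on each
    line, then ignore empty lines at the end of the body."""
    lines = [WSP_RUN.sub(b" ", line).rstrip(b" ") for line in body.split(CRLF)]
    while lines and lines[-1] == b"":
        lines.pop()
    return b"".join(line + CRLF for line in lines)  # empty body stays empty


def header_simple(raw: bytes) -> bytes:
    """'simple': the header field is signed exactly as it appears."""
    return raw


def header_relaxed(raw: bytes) -> bytes:
    """'relaxed': lowercase the name, unfold, collapse whitespace, and remove
    whitespace around the colon and at the end of the value."""
    name, _, value = raw.partition(b":")
    value = value.replace(CRLF, b"")  # unfold continuation lines
    value = WSP_RUN.sub(b" ", value).strip(b" ")
    return name.strip(b" \t").lower() + b":" + value + CRLF


def body_hash(body: bytes, algorithm: str) -> str:
    """Value of the bh= tag (SHA-256) for the chosen body canonicalization."""
    canon = {"simple": body_simple, "relaxed": body_relaxed}[algorithm]
    return base64.b64encode(hashlib.sha256(canon(body)).digest()).decode()


def survives_relay(signed: bytes, received: bytes, algorithm: str) -> bool:
    """True if the body hash computed at signing still matches on receipt."""
    return body_hash(signed, algorithm) == body_hash(received, algorithm)


# Constructed sample: the body as signed, and the same body after a relay
# collapsed a double space, left a trailing space and appended a blank line.
SIGNED_BODY = b"Hello  team,\r\nInvoice attached.\r\n"
RELAYED_BODY = b"Hello team, \r\nInvoice attached.\r\n\r\n"

if __name__ == "__main__":
    for algorithm in ("simple", "relaxed"):
        ok = survives_relay(SIGNED_BODY, RELAYED_BODY, algorithm)
        print(f"{algorithm:8s} bh={body_hash(SIGNED_BODY, algorithm)} "
              f"verifies after relay: {ok}")
    print(header_relaxed(b"Subject :  Quarterly\r\n\treport  \r\n"))
```

Choosing "simple" means any whitespace change made by an intermediate relay invalidates the signature, while "relaxed" tolerates the whitespace changes listed above and nothing more.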
DMARC Verification

This section contains the following CLI commands:
• dmarcconfig

dmarcconfig

Description
Configure DMARC settings.

Usage
Commit: This command requires a ‘commit’.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
Batch Command: This command supports a batch format.
Argument    Description
--tempfail_response_code    The SMTP response code for rejected messages in case of temporary failure. The default value is 451.
--tempfail_response_text    The SMTP response text for rejected messages in case of temporary failure. The default value is “#4.7.1 Unable to perform DMARC verification.
Options    Description
--contact_info    Additional contact information, for example, details of your organization's customer support, if the domain owners who receive DMARC aggregate reports want to contact the entity that generated the report.
--copy_reports    Send copy of all the DMARC aggregate reports to specific users, for example, internal users who perform analysis on the aggregate reports.
3. Reject the message
[3]> 1

Select the message action when the policy in DMARC record is quarantine:
1. No Action
2. Quarantine the message
[2]> 2

Select the quarantine for messages that fail DMARC verification (when the DMARC policy is quarantine).
1. Policy
[1]> 1

What SMTP action should be taken in case of temporary failure?
1. Accept
2. Reject
[1]> 2

Enter the SMTP response code for rejected messages in case of temporary failure.
Would you like to modify DMARC report settings? (Yes/No) [N]> y

Enter the time of day to generate aggregate feedback reports. Use 24-hour format (HH:MM).
[00:00]>

Would you like to send DMARC error reports? (Yes/No) [N]> y

Enter the entity name responsible for report generation. This is added to the DMARC aggregate reports.
[]> example.com

Enter additional contact information to be added to DMARC aggregate reports.
- SETUP - Change global settings.
[]>

DNS

This section contains the following CLI commands:
• dig
• dnsconfig
• dnsflush
• dnshostprefs
• dnslistconfig
• dnslisttest
• dnsstatus

dig

Description
Look up a record on a DNS server

Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
Batch Command: This command supports a batch format.
-u Make query over UDP (default).
dns_ip - Query the DNS server at this IP address.
qtype - Query type: A, PTR, CNAME, MX, SOA, NS, TXT.
hostname - Record that the user wants to look up.
reverse_ip - Reverse lookup IP address.
dns_ip - Query the DNS server at this IP address.

Example
The following example explicitly specifies a DNS server for the lookup.

mail.com> dig @111.111.111.111 example.com MX
; <<>> DiG 9.4.3-P2 <<>> @111.111.111.111 example.
Usage
Commit: This command requires a ‘commit’.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
Batch Command: This command supports a batch format.

Batch Format
The batch format of the dnsconfig command can be used to perform all the functions of the traditional CLI command.
Note: You can override certain domains by specifying an alternate name server for that domain.
• Deleting nameservers:
dnsconfig roots delete [ns_name]
Note: When deleting, if you do not specify an ns_name, then all nameservers for that domain will be removed.
• Clearing all DNS settings and automatically configuring the system to use the Internet root servers:
dnsconfig roots
Displaying the current DNS settings.
Do you want the Gateway to use the Internet's root DNS servers or would you like it to use your own DNS servers?
1. Use Internet root DNS servers
2. Use own DNS cache servers
[1]> 1

Choose the IP interface for DNS traffic.
1. Auto
2. Management (10.92.149.70/24: mail3.example.com)
[1]>

Enter the number of seconds to wait before timing out reverse DNS lookups.
[20]>

Enter the minimum TTL in seconds for DNS cache.
Choose the operation you want to perform:
- NEW - Add a new server.
- EDIT - Edit a server.
- DELETE - Remove a server.
- SETUP - Configure general settings.
[]>

Using Your Own DNS Cache Servers

You can configure the appliance to use your own DNS cache server.

mail3.example.com> dnsconfig

Currently using the Internet root DNS servers.

Alternate authoritative DNS servers:
1. com: dns.example.com (10.1.10.
[]>

dnsflush

Description
Clear all entries from the DNS cache.

Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command is restricted to machine mode.
Batch Command: This command does not support a batch format.

Example
mail3.example.com> dnsflush
Are you sure you want to clear out the DNS cache? [N]> Y

dnshostprefs

Description
Configure IPv4/IPv6 DNS preferences

Usage
Commit: This command requires a ‘commit’.
3. Require IPv4
4. Require IPv6
[2]> 3

Choose the operation you want to perform:
- NEW - Add new domain override.
- SETDEFAULT - Set the default behavior.
[]> setdefault

How should the appliance sort IP addresses?
1. Prefer IPv4
2. Prefer IPv6
3. Require IPv4
4. Require IPv6
[2]> 1

Choose the operation you want to perform:
- NEW - Add new domain override.
- SETDEFAULT - Set the default behavior.
Current DNS List Settings:
Negative Response TTL: 1200 seconds
DNS List Query Timeout: 3 seconds

Choose the operation you want to perform:
- SETUP - Configure general settings.
[]>

dnslisttest

Description
Test a DNS lookup for a DNS-based list service.

Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command is restricted to machine mode.
Batch Command: This command does not support a batch format.

Example
mail3.example.
Chapter 3 The Commands: Reference Examples General Management/Administration/Troubleshooting Example mail3.example.
• settime
• settz
• shutdown
• sshconfig
• status
• supportrequest
• supportrequeststatus
• supportrequestupdate
• suspend
• suspenddel
• suspendlistener
• tcpservices
• techsupport
• tlsverify
• trace
• trackingconfig
• updateconfig
• updatenow
• upgrade
• version
• wipedata

See also Virtual Appliance Management, page 3-294.
In the following example, the From: Address for notifications is changed from: Mail Delivery System [MAILER-DAEMON@domain] (the default) to Notifications [Notification@example.com]

Usage
Commit: This command requires a ‘commit’.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
Batch Command: This command does not support a batch format.

Example
mail3.example.
adminaccessconfig

Description
Use the adminaccessconfig command to configure:
• Login message (banner) for the administrator.
• IP-based access for appliance administrative interface.
• Web interface Cross-Site Request Forgeries protection.
• Option to use host header in HTTP requests.
• Web interface and CLI session inactivity timeout.

Usage
Commit: This command requires a ‘commit’.
• Deleting all existing IP addresses/subnets/ranges
adminaccessconfig ipaccess clear
• Printing the login banner
adminaccessconfig banner print
• Importing a login banner from a file on the appliance
adminaccessconfig banner import
• Deleting an existing login banner
adminaccessconfig banner clear
• Printing the welcome banner
adminaccessconfig welcome print
• Importing a welcome banner from
• Delete all existing allowed proxy IP addresses
adminaccessconfig ipaccess proxylist clear
• Configure the header name that contains origin IP address
adminaccessconfig ipaccess proxy-header
• Enable or disable web interface Cross-Site Request Forgeries protection
adminaccessconfig csrf
• Check whether web interface Cross-Site Request Forgeries protection is enabled
adminacc
- PROXY - Specify IP addresses/Subnets/Ranges to be allowed access through proxy or directly.
[]> restrict

List of allowed IP addresses/Subnets/Ranges:

Choose the operation you want to perform:
- NEW - Add a new IP address/subnet/range.
[]> new

Please enter IP address, subnet or range.
[]> 192.168.1.2-100

List of allowed IP addresses/Subnets/Ranges:
1. 192.168.1.
the GUI. You can use the login banner to display internal security information or best practice instructions for the appliance. For example, you can create a simple note saying that unauthorized use of the appliance is prohibited or a detailed warning concerning the organization’s right to review changes made by the user to the appliance.
mail.example.com> adminaccessconfig

Choose the operation you want to perform:
- BANNER - Configure login message (banner) for appliance administrator login.
- WELCOME - Configure welcome message (post login message) for appliance administrator login.
- IPACCESS - Configure IP-based access for appliance administrative interface.
- CSRF - Configure web UI Cross-Site Request Forgeries protection.
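Restricting administrative access by IP address can lock out the administrator making the change, so it helps to test a planned allow list offline before the commit. The following is an added example, not part of the appliance or of Cisco's documentation: it parses the three entry kinds the IPACCESS prompt names (IP address, subnet, range) and reports which management addresses would be refused. It assumes that a range such as 192.168.1.2-100, as entered in the transcript above, means 192.168.1.2 through 192.168.1.100; the function names and the addresses in the sample are hypothetical.

```python
import ipaddress


def parse_entry(entry):
    """Return the inclusive (first, last) address bounds of one allow-list entry.

    Accepts a single address, a CIDR subnet, or an IPv4 range written either
    as 'a.b.c.d-e' (assumed to vary the last octet) or 'a.b.c.d-w.x.y.z'.
    """
    entry = entry.strip()
    if "/" in entry:
        net = ipaddress.ip_network(entry, strict=False)
        return net[0], net[-1]
    if "-" in entry:
        start_text, end_text = (part.strip() for part in entry.split("-", 1))
        start = ipaddress.IPv4Address(start_text)
        if "." in end_text:
            end = ipaddress.IPv4Address(end_text)
        else:
            prefix = start_text.rsplit(".", 1)[0]
            end = ipaddress.IPv4Address(f"{prefix}.{int(end_text)}")
        if end < start:
            raise ValueError(f"range ends before it starts: {entry!r}")
        return start, end
    addr = ipaddress.ip_address(entry)
    return addr, addr


def is_allowed(client, entries):
    """True if the client address falls inside any entry of the allow list."""
    ip = ipaddress.ip_address(client)
    for entry in entries:
        first, last = parse_entry(entry)
        if first.version == ip.version and first <= ip <= last:
            return True
    return False


def locked_out(admin_addresses, entries):
    """Management addresses that the planned allow list would refuse."""
    return [a for a in admin_addresses if not is_allowed(a, entries)]


# Constructed sample: the range from the transcript plus a hypothetical subnet,
# checked against hypothetical administrator workstations.
PLANNED = ["192.168.1.2-100", "10.20.0.0/24"]
ADMINS = ["192.168.1.50", "192.168.1.101", "10.20.0.7", "172.16.4.9"]

if __name__ == "__main__":
    for address in locked_out(ADMINS, PLANNED):
        print(f"would lose access: {address}")
```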
Example - Pasting in a certificate

In the following example, a certificate is installed by pasting in the certificate and private key.

mail3.example.
Name Common Name Issued By Status Remaining
-------- ------------------- -------------------- ------------- --------
partner.c brutus.partner.com brutus.
[1]> 1

Enter a name for this certificate profile:
> example.com

Enter Common Name:
> example.com

Enter Organization:
> Example

Enter Organizational Unit:
> Org

Enter Locality or City:
> San Francisoc

Enter State or Province:
> CA

Enter Country (2 letter code):
> US

Duration before expiration (in days):
[3650]>

1. 1024
2.
- DELETE - Remove a certificate
- PRINT - View certificates assigned to services
[]>

Example - Create a Self-signed S/MIME Signing Certificate

The following example shows how to create a self-signed S/MIME certificate for signing messages.

vm10esa0031.
[]> admin@example.com

Add another member? [Y]> n

Begin entering domain entries for 'subjectAltName'.
Enter the DNS you want to add.
[]> domain.
• Troubleshoot hardware and network issues using various utilities
• Check the RAID status
• Display ARP cache
• Clear LDAP, DNS, and ARP caches
• Send SMTP test messages

Using the diagnostic Command

The following commands are available within the diagnostic submenu:

Table 3-6 diagnostic Subcommands
Option    Sub Commands    Availability
RAID    1. Run disk verify    Available on C30 and C60 only.
        2.
• Check the RAID status
diagnostic raid
• Show the contents of the ARP cache
diagnostic network arpshow
• Show the contents of the NDP cache
diagnostic network ndpshow
• Clear the LDAP, DNS, ARP and NDP caches
diagnostic network flush
• Reset and delete the reporting database
diagnostic reporting deletedb
• Enable reporting daemons
diagnostic reporting enable
• Disable reporting daemons
diagno
- TRACKING - Tracking Utilities.
- RELOAD - Reset configuration to the initial manufacturer values.
[]> network

Choose the operation you want to perform:
- FLUSH - Flush all network related caches.
- ARPSHOW - Show system ARP cache.
- NDPSHOW - Show system NDP cache.
- SMTPPING - Test a remote SMTP server.
- TCPDUMP - Dump ethernet packets.
[]> arpshow

System ARP cache contents:
(10.76.69.
- NDPSHOW - Show system NDP cache.
- SMTPPING - Test a remote SMTP server.
- TCPDUMP - Dump ethernet packets.
[]> smtpping

Enter the hostname or IP address of the SMTP server:
[mail.example.com]> mail.com

The domain you entered has MX records.
Would you like to select an MX host to test instead? [Y]> y

Select an MX host to test.
1. mx00.gmx.com
2. mx01.gmx.com
[1]>

Select a network interface to use for the test.
Usage
Commit: This command requires a ‘commit’.
Cluster Management: This command is restricted to machine mode.
Batch Command: This command supports a batch format.

Batch Format
diskquotaconfig [ [ [ ]]]
Valid values for are euq, pvo, tracking, reporting
Valid values for are integers.

Example
mail.example.
[]>

ecconfig

Set or clear the enrollment client that is used to obtain certificates for use with the URL Filtering feature. Do not use this command without guidance from Cisco support.

Entries must be in the format or . Port is optional.

To specify the default server, enter ecconfig server default.

Usage
Commit: This command requires a ‘commit’.
ecstatus

Display the current version of the enrollment client that is used to automatically obtain certificates for use with the URL Filtering feature.

Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command is restricted to machine mode.
Batch Command: This command does not support a batch format.

Example
mail.example.com> ecstatus
Component Version
Enrollment Client 1.0.
Cluster Management: This command is restricted to machine mode.
Batch Command: This command does not support a batch format.

Example
The following example shows modifications to an encryption profile:

mail.example.
Profile name: HIPAA
External URL: https://res.cisco.com
Encryption algorithm: ARC4
Payload Transport URL: http://res.cisco.
Choose the operation you want to perform:
- NAME - Change profile name
- EXTERNAL - Change external URL
- ALGORITHM - Change encryption algorithm
- PAYLOAD - Change the payload transport URL
- SECURITY - Change envelope security
- RECEIPT - Change return receipt handling
- FORWARD - Change "Secure Forward" setting
- REPLYALL - Change "Secure Reply All" setting
- LOCALIZED_ENVELOPE - Enable or disable display of e
Choose the operation you want to perform:
- NEW - Create a new encryption profile
- EDIT - Edit an existing encryption profile
- DELETE - Delete an encryption profile
- PRINT - Print all configuration profiles
- CLEAR - Clear all configuration profiles
- PROXY - Configure a key server proxy
[]>

IronPort Email Encryption: Enabled

Choose the operation you want to perform:
- SETUP - Enable/Disable IronPort Email Encr
Cluster Management: This command is restricted to machine mode. It is further restricted to the login host (i.e., the specific machine you are logged onto).
Batch Command: This command does not support a batch format.

Example
mail3.example.com> encryptionupdate
Requesting update of PXE Engine.
featurekeyconfig

Description
The featurekeyconfig command allows you to configure the machine to automatically download available keys and update the keys on the machine.

Usage
Commit: This command requires a ‘commit’.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
Batch Command: This command does not support a batch format.
Usage
Commit: This command requires ‘commit’.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
Batch Command: This command supports a batch format. For details, see the inline help by typing the command: help generalconfig.

Example - Configure Internet Explorer Compatibility Mode Override

The following example shows how to override IE Compatibility Mode.

mail.
High CPU usage
High memory usage
Based on this analysis, we recommend you to contact Cisco Customer Support before upgrading.

healthconfig

Description
Configure the threshold of various health parameters of your appliance such as CPU usage, maximum messages in work queue and so on.

Usage
Commit: This command requires ‘commit’.
Do you want to receive alerts if the overall CPU usage exceeds threshold value?[N]> n

Choose the operation you want to perform:
- WORKQUEUE - View and edit workqueue-health configuration.
- CPU - View and edit CPU-health configuration.
- SWAP - View and edit swap-health configuration.
Please enter the fully qualified hostname or IP address of your NTP server.
[]> ntp.example.com

Currently configured NTP servers:
1. time.ironport.com
2. bitsy.mit.edi

Choose the operation you want to perform:
- NEW - Add a server.
- DELETE - Remove a server.
- SOURCEINT - Set the interface from whose IP address NTP queries should originate.
Enter the number of seconds to wait before abruptly closing connections.
[30]>
Waiting for listeners to exit...
Receiving suspended.
Waiting for outgoing deliveries to finish...
Mail delivery suspended.

repengstatus

Description
Request version information of Reputation Engine.

Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command is restricted to machine mode.
resumedel

Description
Resume deliveries.

Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command is restricted to machine mode.
Batch Command: This command does not support a batch format.

Example
mail.example.com> resumedel

Currently suspended domains:
1. domain1.com
2. domain2.com
3. domain3.com

Enter one or more domains [comma-separated] to which you want to resume delivery.
mail3.example.com>

revert

Description
Revert to a previous release.

Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
Batch Command: This command does not support a batch format.

Example
mail.example.com> revert
This command will revert the appliance to a previous version of AsyncOS.
settime

Description
The settime command allows you to manually set the time if you are not using an NTP server. The command asks you if you want to stop NTP and manually set the system clock. Enter the time using this format: MM/DD/YYYY HH:MM:SS.

Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command is restricted to machine mode.
Choose the operation you want to perform:
- SETUP - Set the local time zone.
[]> setup

Please choose your continent:
1. Africa
2. America
[ ... ]
11. GMT Offset
[2]> 2

Please choose your country:
1. Anguilla
[ ... ]
45. United States
46. Uruguay
47. Venezuela
48. Virgin Islands (British)
49. Virgin Islands (U.S.)
[45]> 45

Please choose your timezone:
1. Alaska Time (Anchorage)
2.
The system will power off automatically.
Connection to mail.example.com closed.

sshconfig

Description
Configure SSH server and user key settings.

Usage
Commit: This command requires a ‘commit’.
Cluster Management: This command is restricted to cluster mode.
Batch Command: This command does not support a batch format.
Reboot. Reboot is required for changes to take effect.
ssh-rsa
Cipher Algorithms:
aes128-ctr
aes192-ctr
aes256-ctr
arcfour256
arcfour128
aes128-cbc
3des-cbc
blowfish-cbc
cast128-cbc
aes192-cbc
aes256-cbc
arcfour
rijndael-cbc@lysator.liu.se
MAC Methods:
hmac-md5
hmac-sha1
umac-64@openssh.com
hmac-ripemd160
hmac-ripemd160@openssh.
aes128-cbc
3des-cbc
blowfish-cbc
cast128-cbc
aes192-cbc
aes256-cbc
arcfour
rijndael-cbc@lysator.liu.se
MAC Methods:
hmac-md5
hmac-sha1
umac-64@openssh.com
hmac-ripemd160
hmac-ripemd160@openssh.
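The cipher and MAC lists shown by sshconfig include several legacy algorithms (RC4 "arcfour" variants, CBC-mode and 64-bit block ciphers, an MD5-based MAC). The following is an added example, not part of the appliance or of Cisco's documentation: it parses such a listing, flags entries against a small policy, and returns the names to keep. The sample text is constructed from algorithm names visible in the listing above; the policy rules and function names are assumptions to adapt to your own baseline.

```python
import re

# Constructed sample, modelled on the sshconfig listing (names taken from the
# page; the layout is an assumption).
SAMPLE = """\
Cipher Algorithms:
        aes128-ctr
        aes192-ctr
        aes256-ctr
        arcfour256
        arcfour128
        aes128-cbc
        3des-cbc
        blowfish-cbc
        cast128-cbc
        aes192-cbc
        aes256-cbc
        arcfour
        rijndael-cbc@lysator.liu.se
MAC Methods:
        hmac-md5
        hmac-sha1
        umac-64@openssh.com
        hmac-ripemd160
"""

# A section label is a capitalised phrase followed by a colon. Algorithm names
# are lowercase, so they never match.
LABEL = re.compile(r"([A-Z][A-Za-z ]+):")

# Example policy (an assumption, not a vendor recommendation): first match wins.
POLICY = {
    "Cipher Algorithms": [
        (re.compile(r"^arcfour"), "RC4 stream cipher"),
        (re.compile(r"^(3des|blowfish|cast128)-"), "64-bit block cipher"),
        (re.compile(r"-cbc(@|$)"), "CBC mode"),
    ],
    "MAC Methods": [
        (re.compile(r"^hmac-md5"), "MD5-based MAC"),
        (re.compile(r"^umac-64"), "64-bit MAC tag"),
    ],
}


def parse_sections(text):
    """Map each section label to the list of algorithm names that follow it.
    Works on the multi-line listing and on the same text flattened to one line."""
    parts = LABEL.split(text)  # [preamble, label1, body1, label2, body2, ...]
    return {label.strip(): body.split()
            for label, body in zip(parts[1::2], parts[2::2])}


def audit(text):
    """Return (section, algorithm, reason) for every entry the policy flags."""
    findings = []
    for section, names in parse_sections(text).items():
        for name in names:
            for pattern, reason in POLICY.get(section, []):
                if pattern.search(name):
                    findings.append((section, name, reason))
                    break
    return findings


def keep_list(text, section):
    """Algorithms in one section that the policy does not flag, in order."""
    flagged = {name for sec, name, _ in audit(text) if sec == section}
    return [n for n in parse_sections(text).get(section, []) if n not in flagged]


if __name__ == "__main__":
    for section, name, reason in audit(SAMPLE):
        print(f"{section:18s} {name:30s} {reason}")
    print("keep ciphers:", " ".join(keep_list(SAMPLE, "Cipher Algorithms")))
    print("keep MACs:   ", " ".join(keep_list(SAMPLE, "MAC Methods")))
```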
Feature - McAfee: [....] Feature - Outbreak Filters: 161 days 161 days
Counters:
  Receiving
    Messages Received
    Recipients Received
  Rejection
    Rejected Recipients
    Dropped Messages
  Queue
    Soft Bounced Events
  Completion
    Completed Recipients
  Current IDs
    Message ID (MID)
    Injection Conn. ID (ICID)
    Delivery Conn. ID (DCID)
Gauges:
  Connections
    Current Inbound Conn.
    Current Outbound Conn.
Example
The following example shows a support request that is not related to an existing support ticket.

mail.example.com> supportrequest

Please Note:
If you have an urgent issue, please call one of our worldwide Support Centers (www.cisco.com/support). Use this command to open a technical support request for issues that are not urgent, such as:
- Request for information.
It is important to associate all your service contracts with your Cisco.com profile (CCO ID) in order for you to receive complete access to support and services from Cisco. Please follow the URLs below to associate your contract coverage on your Cisco.com profile. If you do not have a CCO ID, please follow the URL below to create a CCO ID.

How to create a CCO ID: https://tools.cisco.com/RPF/register/register.
Example
mail.example.com> supportrequeststatus
Component Version Last Updated
Support Request 1.0 Never updated

supportrequestupdate

Description
Request manual update of Support Request Keywords for requesting support from Cisco TAC.

Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
mail3.example.com>

suspenddel

Description
Suspend deliveries

Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command is restricted to machine mode.
Batch Command: This command does not support a batch format.

Example
mail.example.com> suspenddel
Enter the number of seconds to wait before abruptly closing connections.
3. OutboundMail
[1]> 1

Enter the number of seconds to wait before abruptly closing connections.
[30]>
Waiting for listeners to exit...
Receiving suspended.
mail3.example.com>

tcpservices

Description
Display information about files opened by processes.

Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command is restricted to machine mode.
gui        root  IPv6  TCP  [2001:db8::]:443
ginetd     root  IPv4  TCP  172.29.181.70:22
ginetd     root  IPv4  TCP  10.1.1.0:22
ginetd     root  IPv6  TCP  [2001:db8::]:22
ginetd     root  IPv4  TCP  10.1.1.0:2222
ginetd     root  IPv6  TCP  [2001:db8::]:2222
hermes     root  IPv4  TCP  172.29.181.
splunkd    root  IPv4  TCP
splunkd    root  IPv4  TCP
api_serve  root  IPv4  TCP
api_serve  root  IPv6  TCP
api_serve  root  IPv4  TCP
api_serve  root  IPv6  TCP
java       root  IPv6  TCP
Service Access currently ENABLED (0 current service logins).
Tunnel option is not active.
Serial Number: XXXXXXXXXXXX-XXXXXXX

Choose the operation you want to perform:
- DISABLE - Prevent customer service representatives from remotely accessing your system.
- STATUS - Display the current techsupport status.
TLS successfully connected to mxe.example.com.
TLS verification completed.

trace

Description
Trace the flow of a message through the system

Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command is restricted to machine mode.
Batch Command: This command does not support a batch format.

Example
mail3.example.com> trace
Enter the source IP
[]> 192.168.1.
- Use SenderBase For Flow Control: Yes (Default)
Spam Detection Enabled: Yes (Default)
Virus Detection Enabled: Yes (Default)
Allow TLS Connections: No (Default)

Processing MAIL FROM:
- Default Domain Processing: No Change

Processing Recipient List:
Processing admin@ironport.com
- Default Domain Processing: No Change
- Domain Map: No Change
- RAT matched on admin@ironport.
Subject: hello

This is a test message.

Run through another debug session? [N]>

Note: When using trace, you must include both the header and the body of the message pasted into the CLI.

trackingconfig

Description
Configure the tracking system.

Usage
Commit: This command requires a ‘commit’.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command is restricted to machine mode. It is further restricted to the login host (i.e., the specific machine you are logged onto).
Batch Command: This command supports a batch format.

Batch Format
The batch format of the tzupdate command forces an update of all time zone rules even if no changes are detected.
------------------------------------------------------------------------------------------
Feature Key updates http://downloads.ironport.
2. Use own server
[1]>

For the following services, please select where the system will download the list of available updates from:

Service (list): Update URL:
------------------------------------------------------------------------------------------
Timezone rules Cisco IronPort Servers
Enrollment Client Updates Cisco IronPort Servers
Support Request updates Cisco IronPort Servers

1.
[N]>

Service (images): Update URL:
------------------------------------------------------------------------------------------
Feature Key updates http://downloads.ironport.
Update interval: 5m
Proxy server: not enabled
HTTPS Proxy server: not enabled

Choose the operation you want to perform:
- SETUP - Edit update configuration.
- ADD - Upload a new trusted certificate for updates.
[]> add

Paste certificates to be trusted for secure updater connections, blank to quit
Trusted Certificate for Updater:
Paste cert in PEM format (end with '.'):
-----BEGIN CERTIFICATE-----
MMIICiDCCAfGgAwIBAgIBATANBgkqhkiG9w0BAQUFADCBgDELMAkGA1UEBhMCSU4x
DDAKBgNVBAgTA0tBUjENM............................................
-----END CERTIFICATE-----
.
Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command is restricted to machine mode.
Batch Command: This command does not support a batch format.

Example
mail3.example.com> version

Current Version
===============
Product: Cisco C100V Email Security Virtual Appliance
Model: C100V
Version: 9.1.
Chapter 3 The Commands: Reference Examples Content Scanning - COREDUMP - Wipe core files on disk []> coredump wipedata: In progress mail.example.com> wipedata Wiping data may take a while and can affect system performance till it completes.
Chapter 3 The Commands: Reference Examples LDAP contentscannerstatus Display the content scanning engine version information. Usage Commit: This command does not require a ‘commit’. Cluster Management: This command is restricted to machine mode. Batch Command: This command does not support a batch format. Example mail.example.com> contentscannerstatus Component Content Scanner Tools Version 11.2.1884.
ldapconfig

Description
Configure LDAP servers

Usage
Commit: This command requires a ‘commit’.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
Batch Command: This command does not support a batch format.
Please enter the bind password:
[]>

Connect to LDAP server to validate setting? [Y]
Connecting to the LDAP server, please wait...

Select the server type to use for this server configuration:
1. Active Directory
2. OpenLDAP
3. Unknown or Other
[3]> 1

Please enter the port number:
[3268]> 3268

Please enter the base:
[dc=example,dc=com]> dc=example,dc=com

Name: PublicLDAP
Hostname: myldapserver.example.
[]> ldaprouting Please create a name for this query: [PublicLDAP.routing]> PublicLDAP.routing Enter the LDAP query string: [(mailLocalAddress={a})]> (mailLocalAddress={a}) The query requires one of the attributes below. Please make a selection.
MASQUERADE: PublicLDAP.masquerade Choose the operation you want to perform: - SERVER - Change the server for the query. - LDAPACCEPT - Configure whether a recipient address should be accepted or bounced/dropped. - LDAPROUTING - Configure message routing. - MASQUERADE - Configure domain masquerading. - LDAPGROUP - Configure whether a sender or recipient is in a specified group. - SMTPAUTH - Configure SMTP authentication.
Current LDAP server configurations: 1. PublicLDAP: (myldapserver.example.com:3268) Choose the operation you want to perform: - NEW - Create a new server configuration. - SETUP - Configure LDAP options. - EDIT - Modify a server configuration. - DELETE - Remove a server configuration. []> Example - Configuring Global Settings In the following example, the LDAP global settings are configured, including the certificate for TLS connections. mail3.example.
Usage Commit: This command does not require a ‘commit’. Cluster Management: This command is restricted to machine mode. Batch Command: This command does not support a batch format. Example mail3.example.com> ldapflush Are you sure you want to flush any cached LDAP results? [N]> y Flushing cache mail3.example.com> ldaptest Description Perform a single LDAP query test Usage Commit: This command does not require a ‘commit’.
Address to use in query: []> bogus@example.com LDAP query test results: Query: PublicLDAP.ldapaccept Argument: bogus@example.com Action: drop or bounce (depending on listener settings) Reason: no matching LDAP record was found LDAP query test finished. mail3.example.com> sievechar Description Sets or disables the character used for Sieve Email Filtering, as described in RFC 3598.
Mail Delivery Configuration/Monitoring This section contains the following CLI commands: • addresslistconfig • aliasconfig • archivemessage • altsrchost • bounceconfig • bouncerecipients • bvconfig • deleterecipients • deliveryconfig • delivernow • destconfig • hostrate • hoststatus • imageanalysisconfig • oldmessage • rate • redirectrecipients • resetcounters • removemessage • showmess
Cluster Management: This command can be used in all three machine modes (cluster, group, machine). Batch Command: This command supports a batch format. Batch Format The batch format for the addresslistconfig command can be used to create a new address list, edit an existing address list, print a list of address lists, delete an address list, or find conflicting addresses within an address list.
Address list "add-list1" added. Choose the operation you want to perform: - NEW - Create a new address list. - EDIT - Modify an address list. - DELETE - Remove an address list. - PRINT - Display the contents of an address list. - CONFLICTS - Find conflicting entries within an address list. []> aliasconfig Description Configure email aliases. Usage Commit: This command requires a ‘commit’.
• Exporting an alias listing on the appliance: aliasconfig export Example mail3.example.com> aliasconfig Enter address(es) for "customercare". Separate multiple addresses with commas. []> bob@example.com, frank@example.com, sally@example.com Adding alias customercare: bob@example.com,frank@example.com,sally@example.com Do you want to add another alias? [N]> n There are currently 1 mappings defined.
[]> print admin: administrator@example.com [ example.com ] customercare: bob@example.com, frank@example.com, sally@example.com There are currently 2 mappings defined. Choose the operation you want to perform: - NEW - Create a new entry. - EDIT - Modify an entry. - DELETE - Remove an entry. - PRINT - Display the table. - IMPORT - Import aliases from a file. - EXPORT - Export table to a file. - CLEAR - Clear the table.
Cluster Management: This command is restricted to machine mode. Batch Command: This command does not support a batch format. Example In the following example, an older message is archived: mail3.example.com> archivemessage Enter the MID to archive. [0]> 47 MID 47 has been saved in file oldmessage_47.mbox in the configuration altsrchost Description Configure Virtual Gateway(tm) mappings.
3. PrivateNet (192.168.1.1/24: mail3.example.com) 4. PublicNet (192.168.2.1/24: mail4.example.com) [1]> 4 Mapping for @exchange.example.com on interface PublicNet created. Choose the operation you want to perform: - NEW - Create a new mapping. - EDIT - Modify a mapping. - DELETE - Remove a mapping. - IMPORT - Load new mappings from a file. - EXPORT - Export all mappings to a file. - PRINT - Display all mappings.
bounceconfig Description Configure the behavior of bounces. Usage Commit: This command requires a ‘commit’. Cluster Management: This command can be used in all three machine modes (cluster, group, machine). Batch Command: This command does not support a batch format. Example In the following example, a bounce profile named bounceprofile is created using the bounceconfig command.
Please enter the maximum number of delay warning messages to send per recipient. [1]> 1 Do you want hard bounce and delay warning messages sent to an alternate address, instead of the sender? [N]> y Please enter the email address to send hard bounce and delay warning. []> bounce-mailbox@example.com Current bounce profiles: 1. Default 2. bounceprofile Choose the operation you want to perform: - NEW - Create a new profile.
Do you want hard bounce messages sent to an alternate address, instead of the sender? [Y]> Please enter the email address to send hard bounce. [bounce-mailbox@example.com]> Current bounce profiles: 1. Default 2. bounceprofile Choose the operation you want to perform: - NEW - Create a new profile. - EDIT - Modify a profile. - DELETE - Remove a profile.
- HOSTACCESS - Modify the Host Access Table. - BOUNCECONFIG - Choose the bounce profile to use for messages injected on this listener. - MASQUERADE - Configure the Domain Masquerading Table. - DOMAINMAP - Configure domain mappings. []> bounceconfig Please choose a bounce profile to apply: 1. Default 2. bouncepr1 3. New Profile [1]> 2 Name: OutboundMail Type: Private Interface: PrivateNet (192.168.1.
Usage Commit: This command does not require a ‘commit’. Cluster Management: This command is restricted to machine mode. Batch Command: This command does not support a batch format. Example Recipients to be bounced are identified by either the destination recipient host or the message sender identified by the specific address given in the Envelope From line of the message envelope.
Are you sure you want to bounce all messages in the queue? [N]> Y Bouncing messages, please wait. 1000 messages bounced. bvconfig Description Configure settings for Bounce Verification. Use this command to configure keys and invalid bounced emails. Usage Commit: This command requires a ‘commit’. Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
Choose the operation you want to perform: - KEY - Assign a new key for tagging outgoing mail. - PURGE - Purge keys no longer needed for verifying incoming mail. - CLEAR - Clear all keys including current key. - SETUP - Set how invalid bounces will be handled. []> setup How do you want bounce messages which are not addressed to a valid tagged recipient to be handled? 1. Reject. 2. Add a custom header and deliver.
Delete by Recipient Domain mail3.example.com> deleterecipients Please select how you would like to delete messages: 1. By recipient host. 2. By Envelope From address. 3. All. [1]> 1 Please enter the hostname for the messages you wish to delete. []> example.com Are you sure you want to delete all messages being delivered to "example.com"? [N]> Y Deleting messages, please wait. 100 messages deleted.
Usage Commit: This command requires a ‘commit’. Cluster Management: This command can be used in all three machine modes (cluster, group, machine). Batch Command: This command does not support a batch format. Example In the following example, the deliveryconfig command is used to set the default interface to “Auto” with “Possible Delivery” enabled.
1. By recipient domain 2. All messages [1]> 1 Please enter the recipient domain to schedule for delivery. []>foo.com Scheduling all messages to foo.com for delivery. destconfig Formerly the setgoodtable command. The table is now called the Destination Control Table. Use this table to configure delivery limits for a specified domain.
Sample Destination Control Table The following table shows entries in a destination control table. Table 3-9 Example Destination Control Table Entries Domain Conn. Limit Rcpt. Limit Min. Prd.
• Import table from a file destconfig import • Export table to a file destconfig export For the edit and new batch commands, any or all of the following options may be provided by identifying the value with the variable name and an equals sign. Options not specified will not be modified (if using edit) or will be set to default values (if using new).
- LIST - Display a summary list of all entries. - DETAIL - Display details for one destination or all entries. - CLEAR - Remove all entries. - IMPORT - Import tables from a file. - EXPORT - Export tables to a file.
There are currently 3 entries configured. mail3.example.com> commit Please enter some comments describing your changes: []> Throttled delivery to partner.com in the destconfig table Do you want to save the current configuration for rollback? [Y]> n Changes committed: Fri May 23 11:42:12 2014 GMT Example: Bounce Profile and TLS Settings In this example, a new destconfig entry is configured for the domain newpartner.com.
Please choose a bounce profile to apply: 1. Default 2. New Profile [1]> 1 There are currently 2 entries configured. Choose the operation you want to perform: - SETUP - Change global settings. - NEW - Create a new entry. - EDIT - Modify an entry. - DELETE - Remove an entry. - DEFAULT - Change the default. - LIST - Display a summary list of all entries. - DETAIL - Display details for one destination or all entries.
Example: Inbound “Shock Absorber” In this example, another destconfig entry is created to throttle mail to the internal groupware server exchange.example.com. This “shock absorber” entry for your internal server throttles inbound delivery to your internal groupware servers during periods of especially high volume traffic.
- NEW - Create a new entry. - EDIT - Modify an entry. - DELETE - Remove an entry. - DEFAULT - Change the default. - LIST - Display a summary list of all entries. - DETAIL - Display details for one destination or all entries. - CLEAR - Remove all entries. - IMPORT - Import tables from a file. - CLEAR - Remove all entries. []> mail3.example.
Batch Command: This command does not support a batch format. Example mail3.example.com> hostrate Recipient host: []> aol.com Enter the number of seconds between displays. [10]> 1
Time      Host Status  CrtCncOut  ActvRcp  ActvRcp Delta  DlvRcp Delta  HrdBncRcp Delta  SftBncEvt Delta
23:38:23  up           1          0        0              4             0                0
23:38:24  up           1          0        0              4             0                0
23:38:25  up           1          0        0              12            0                0
^C
Use Control-C to stop the hostrate command.
Other Hard Bounces              0
Delivered Recipients            0
Deleted Recipients              0
Gauges:
Queue
Active Recipients               0
Unattempted Recipients          0
Attempted Recipients            0
Connections
Current Outbound Connections    0
Pending Outbound Connections    0
Oldest Message                  No Messages
Last Activity                   Fri Aug 8 11:04:24 2003
Ordered IP addresses: (expiring at Fri Aug 8 11:34:24 2003)
Preference IPs
15 64.12.137.121 64.12.138.89 64.12.138.120
15 64.12.137.89 64.
Usage Commit: This command requires a ‘commit’. Cluster Management: This command can be used in all three machine modes (cluster, group, machine). Batch Command: This command does not support a batch format. Example mail.example.
oldmessage Description Displays the MID and headers of the oldest non-quarantine message on the system. Usage Commit: This command does not require a commit. Cluster Management: This command is restricted to machine mode. Batch Command: This command does not support a batch format. Example In the following example, an older message is displayed: mail3.example.
23:37:13  10  2  41708833   0  40842686   0   64
23:37:14   8  2  41708841   8  40842692   6  105
23:37:15   9  2  41708848   7  40842700   8   76
23:37:16   7  3  41708852   4  40842705   5   64
23:37:17   5  3  41708858   6  40842711   6   64
23:37:18   9  3  41708871  13  40842722  11   67
23:37:19   7  3  41708881  10  40842734  12   64
23:37:21  11  3  41708893  12  40842744  10   79
^C
redirectrecipients Description Redirect all messages to another relay host.
Are you sure you want to redirect all mail in the queue to "example2.com"? [N]> y Redirecting messages, please wait. 246 recipients redirected. resetcounters Description Reset all of the counters in the system Usage Commit: This command does not require a ‘commit’. Cluster Management: This command is restricted to machine mode. Batch Command: This command does not support a batch format. Example mail3.example.
Received: from example2.com ([172.16.0.102]) by test02.com with SMTP; 01 Mar 2007 19:50:41 -0800 From: user123@test02.com To: 9526@example.com Subject: Testing Message-Id: <20070302035041.67424.53212@test02.com> Remove this message? [N]> y showmessage Description Shows the message and message body for a specified message ID. Usage Commit: This command does not require a ‘commit’.
Batch Format The batch format of the showrecipients command can be used to perform all the functions of the traditional CLI command. • Find messages by a recipient host name showrecipients host • Find messages by an envelope from address showrecipients [sender_options] The following sender_option is available: --match-case • Case-sensitive matching for the username portion of an address.
[0] [0] 1703@example.com 1533 [0] 1230 [0] user123456@ironport.com Testing 3052@example.com 1536 [0] 1230 [0] user123456@ironport.com Testing 511@example.com status The status command is used to display the system status of your appliance. Using the ‘detail’ option (status detail) displays additional information. Usage Commit: This command does not require a ‘commit’.
Kilobytes Used                                        184
Kilobytes Free                                        8,388,424
Quarantine
Messages In Quarantine Policy, Virus and Outbreak     0
Kilobytes In Quarantine Policy, Virus and Outbreak    0
tophosts Description To get immediate information about the email queue and determine if a particular recipient host has delivery problems — such as a queue buildup — use the tophosts command.
topin Description Display the top hosts by number of incoming connections Usage Commit: This command does not require a ‘commit’. Cluster Management: This command is restricted to machine mode. Batch Command: This command does not support a batch format. Example mail3.example.com> topin Status as of: Sat Aug 23 21:50:54 2003 # Remote hostname Remote IP addr. listener 1 mail.remotedomain01.com 172.16.0.2 Incoming01 2 mail.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine). Batch Command: This command does not support a batch format. Example In this example, the address user@example.net is added to the Global Unsubscribe list, and the feature is configured to hard bounce messages. Messages sent to this address will be bounced; the appliance will bounce the message immediately prior to delivery.
Do you want to save the current configuration for rollback? [Y]> n Changes committed: Fri May 23 11:42:12 2014 GMT workqueue Description Display and/or alter work queue pause status Usage Commit: This command does not require a ‘commit’. Cluster Management: This command is restricted to machine mode. Batch Command: This command does not support a batch format. Example mail3.example.
• netstat • nslookup • packetcapture • ping • ping6 • routeconfig • setgateway • sethostname • smtproutes • sslconfig • sslv3config • telnet • traceroute • traceroute6 etherconfig Description Configure Ethernet settings, including media settings, NIC pairing, VLAN configuration, and DSR configuration. Usage Commit: This command requires a ‘commit’.
VLAN tag ID for the interface (Ex: "34"): []> 12 Enter the name or number of the ethernet interface you wish bind to: 1. Data 1 2. Data 2 3. Management [1]> 1 VLAN interfaces: 1. VLAN 12 (Data 1) Choose the operation you want to perform: - NEW - Create a new VLAN. - EDIT - Edit a VLAN. - DELETE - Delete a VLAN. []> Choose the operation you want to perform: - MEDIA - View and edit ethernet media settings.
Please enter a non-default (1500) MTU value for the Data 2 interface. []> 1200 Ethernet interfaces: 1. Data 1 default mtu 1500 2. Data 2 mtu 1200 3. Management default mtu 1500 4. VLAN 12 default mtu 1500 Choose the operation you want to perform: - EDIT - Edit an ethernet interface. []> interfaceconfig Description Configure the interface. You can create, edit, or delete interfaces.
[--euq_http[=]] [--euq_https][=] [--ccs[=]]. FTP is available only on IPv4. • Deleting an interface interfaceconfig delete Example: Configuring an Interface mail.example.com> interfaceconfig Currently configured interfaces: 1. Management (10.76.69.149/24 on Management: mail.example.com) Choose the operation you want to perform: - NEW - Create a new interface. - EDIT - Modify an interface.
Do you want to enable HTTP on this interface? [Y]> Which port do you want to use for HTTP? [80]> Do you want to enable HTTPS on this interface? [Y]> Which port do you want to use for HTTPS? [443]> Do you want to enable Spam Quarantine HTTP on this interface? [N]> Do you want to enable Spam Quarantine HTTPS on this interface? [N]> Do you want to enable AsyncOS API (Monitoring) HTTP on this interface? [N]> y Which port do y
Table 3-10 nslookup Command Query Types
Query Type  Description
MX          the mail exchanger
NS          the name server for the named zone
PTR         the hostname if the query is an Internet address, otherwise the pointer to other information
SOA         the domain's “start-of-authority” information
TXT         the text information
Usage Commit: This command does not require a ‘commit’.
Usage Commit: This command does not require a ‘commit’. Cluster Management: This command is restricted to machine mode. Batch Command: This command does not support a batch format. Example example.com> netstat Choose the information you want to display: 1. List of active sockets. 2. State of network interfaces. 3. Contents of routing tables. 4. Size of the listen queues. 5. Packet traffic information.
Current Settings:
Maximum File Size: 200 MB
Limit: None (Run Indefinitely)
Interface(s): ALL
Filter: (tcp port 25)
Choose the operation you want to perform: - START - Start packet capture. - SETUP - Change packet capture settings. []> start Success - Packet Capture has started Capture Information: File Name: File Size: Duration: Limit: Interface(s): Filter: C100V-421C73B18CFB05784A83-B03A99E71ED8-20150312-105256.
Current Settings:
Maximum File Size: 200 MB
Limit: None (Run Indefinitely)
Interface(s): ALL
Filter: (tcp port 25)
Choose the operation you want to perform: - START - Start packet capture. - SETUP - Change packet capture settings. []> ping Description The ping command allows you to test connectivity to a network host from the appliance. Usage Commit: This command does not require a ‘commit’.
--- anotherhost.example.com ping statistics ---
11 packets transmitted, 11 packets received, 0% packet loss
round-trip min/avg/max/stddev = 0.115/0.242/1.421/0.373 ms
^C
Note You must use Control-C to end the ping command. ping6 Description Ping a network host using IPv6 Usage Commit: This command does not require a ‘commit’. Cluster Management: This command is restricted to machine mode.
Routes consist of a nickname (for future reference), a destination, and a gateway. A gateway (the next hop) is an IP address such as 10.1.1.2. The destination can be one of two things: • an IP address, such as 192.168.14.32 • a subnet using CIDR notation. For example, 192.168.5.0/24 means the entire class C network from 192.168.5.0 to 192.168.5.255.
• Deleting a static route: routeconfig delete 4|6 • Deleting all static routes: routeconfig clear [4|6] • Printing a list of static routes: routeconfig print [4|6] Example mail3.example.com> routeconfig Configure routes for: 1. IPv4 2. IPv6 [1]> Currently configured routes: Choose the operation you want to perform: - NEW - Create a new route.
[1]> 2 Currently configured routes: Choose the operation you want to perform: - NEW - Create a new route. []> new Please create a name for the route: []> EuropeIPv6Net Please enter the destination IPv6 address to match on. CIDR addresses such as 2001:db8::/32 are also allowed.
Please enter some comments describing your changes: []> changed default gateway to 192.168.20.1 Do you want to save the current configuration for rollback? [Y]> n Changes committed: Fri May 23 11:42:12 2014 GMT sethostname Description The hostname is used to identify the system at the CLI prompt. You must enter a fully-qualified hostname. The sethostname command sets the name of the Email Security appliance.
Usage Commit: This command requires a ‘commit’. Cluster Management: This command can be used in all three machine modes (cluster, group, machine). Batch Command: This command supports a batch format. Batch Format The batch format of the smtproutes command can be used to perform all the functions of the traditional CLI command.
- NEW - Create a new route. - IMPORT - Import new routes from a file. []> new Enter the domain for which you want to set up a permanent route. Partial hostnames such as ".example.com" are allowed. Use "ALL" for the default route. []> example.com Enter the destination hosts, separated by commas, which you want mail for example.com to be delivered. Enter USEDNS by itself to use normal DNS resolution for this route.
RC4-SHA RC4-MD5 ALL Outbound SMTP method: sslv3tlsv1 Outbound SMTP ciphers: RC4-SHA RC4-MD5 ALL Choose the operation you want to perform: - GUI - Edit GUI HTTPS ssl settings. - INBOUND - Edit Inbound SMTP ssl settings. - OUTBOUND - Edit Outbound SMTP ssl settings. - VERIFY - Verify and show ssl cipher list. []> gui Enter the GUI HTTPS ssl method you want to use. 1. SSL v2. 2. SSL v3 3. TLS v1 4. SSL v2 and 5. SSL v3 and 6. SSL v2, v3 [5]> 6
sslconfig settings: GUI HTTPS method: sslv2sslv3tlsv1 GUI HTTPS ciphers: RC4-SHA RC4-MD5 ALL Inbound SMTP method: sslv2sslv3tlsv1 Inbound SMTP ciphers: RC4-SHA RC4-MD5 ALL Outbound SMTP method: sslv3tlsv1 Outbound SMTP ciphers: RC4-SHA RC4-MD5 ALL Choose the operation you want to perform: - GUI - Edit GUI HTTPS ssl settings. - INBOUND - Edit Inbound SMTP ssl settings. - OUTBOUND - Edit Outbound SMTP ssl settings.
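The settings block in the sslconfig example above enables SSL v2, SSL v3, RC4 suites and the catch-all ALL selector. The following Python script is an added example, not part of the Cisco guide: it parses a saved copy of that block and lists the entries a reviewer would want restricted. It assumes the cipher names follow OpenSSL cipher-string syntax; the function names and the HARDENED sample are hypothetical.

```python
import re

# Constructed input: the "sslconfig settings" block from the example above,
# with whitespace flattened the way a pasted transcript often arrives.
SAMPLE = (
    "sslconfig settings: "
    "GUI HTTPS method: sslv2sslv3tlsv1 "
    "GUI HTTPS ciphers: RC4-SHA RC4-MD5 ALL "
    "Inbound SMTP method: sslv2sslv3tlsv1 "
    "Inbound SMTP ciphers: RC4-SHA RC4-MD5 ALL "
    "Outbound SMTP method: sslv3tlsv1 "
    "Outbound SMTP ciphers: RC4-SHA RC4-MD5 ALL "
    "Choose the operation you want to perform: "
    "- GUI - Edit GUI HTTPS ssl settings."
)

# Constructed input: a restricted configuration in the same layout
# (hypothetical values; the cipher names are ordinary OpenSSL suite names).
HARDENED = (
    "sslconfig settings:\n"
    "  GUI HTTPS method:  tlsv1\n"
    "  GUI HTTPS ciphers:\n    AES256-SHA\n    AES128-SHA\n"
    "  Inbound SMTP method:  tlsv1\n"
    "  Inbound SMTP ciphers:\n    AES256-SHA:AES128-SHA:!RC4:!MD5\n"
)

LABEL = re.compile(r"(GUI HTTPS|Inbound SMTP|Outbound SMTP)\s+(method|ciphers):")
MENU = re.compile(r"Choose the operation")
PROTOCOL = re.compile(r"sslv2|sslv3|tlsv1")

# TLS v1 is the strongest choice in the menu shown on this page, so it is
# not flagged here.
WEAK_PROTOCOLS = {
    "sslv2": "SSL 2.0 is prohibited by RFC 6176",
    "sslv3": "SSL 3.0 is deprecated by RFC 7568",
}


def parse_sslconfig(text):
    """Return {service: {"method": [...], "ciphers": [...]}}.

    Works on flattened or multi-line text. If the text holds several settings
    blocks, the last one wins, which is the final state of the session.
    """
    labels = list(LABEL.finditer(text))
    parsed = {}
    for i, match in enumerate(labels):
        # A value runs up to the next label or the next menu prompt.
        end = labels[i + 1].start() if i + 1 < len(labels) else len(text)
        menu = MENU.search(text, match.end(), end)
        if menu:
            end = menu.start()
        value = text[match.end():end]
        service, field = match.group(1), match.group(2)
        if field == "method":
            tokens = PROTOCOL.findall(value)  # "sslv3tlsv1" -> sslv3, tlsv1
        else:
            tokens = [t for t in re.split(r"[\s:]+", value) if t]
        parsed.setdefault(service, {"method": [], "ciphers": []})[field] = tokens
    return parsed


def cipher_reason(token):
    """Return why a cipher token is weak, or None if it is not flagged."""
    name = token.upper()
    if name.startswith(("!", "-")):
        return None  # assumption: OpenSSL syntax, where ! and - remove suites
    if name == "ALL":
        return "ALL selects every suite except eNULL rather than a vetted list"
    if "RC4" in name:
        return "RC4 is prohibited by RFC 7465"
    if name.endswith("MD5"):
        return "MD5-based MAC"
    return None


def audit(text):
    """Return (service, field, token, reason) for every weak entry found."""
    findings = []
    for service, cfg in parse_sslconfig(text).items():
        for proto in cfg["method"]:
            if proto in WEAK_PROTOCOLS:
                findings.append((service, "method", proto, WEAK_PROTOCOLS[proto]))
        for token in cfg["ciphers"]:
            reason = cipher_reason(token)
            if reason:
                findings.append((service, "ciphers", token, reason))
    return findings


if __name__ == "__main__":
    for service, field, token, reason in audit(SAMPLE):
        print(f"{service:14} {field:8} {token:8} {reason}")
```
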
2. LDAP Service 3. Updater Service 4. Web Security Service [1]> Do you want to enable SSLv3 for EUQ Service ? [Y]>n Choose the operation you want to perform: - SETUP - Toggle SSLv3 settings. []> telnet Description Connect to a remote host Usage Commit: This command does not require a ‘commit’. Cluster Management: This command is restricted to machine mode. It is further restricted to the login host (i.e.
traceroute Description Use the traceroute command to test connectivity to a network host using IPv4 from the appliance and debug routing issues with network hops. Usage Commit: This command does not require a ‘commit’. Cluster Management: This command is restricted to machine mode. It is further restricted to the login host (i.e., the specific machine you are logged onto).
Example mail.example.com> traceroute6 Which interface do you want to trace from? 1. Auto 2. D1 (2001:db8::/32: example.com) [1]> 1 Please enter the host to which you want to trace the route. []> example.com Press Ctrl-C to stop. connect: No route to host vm10esa0031.qa> traceroute6 Which interface do you want to trace from? 1. Auto 2. D1 (2001:db8::/32: example.
Outbreak Filters This section contains the following CLI commands: • outbreakconfig • outbreakflush • outbreakstatus • outbreakupdate outbreakconfig Description Use the outbreakconfig command to configure the Outbreak Filter feature.
[524288]> Do you want to use adaptive rules to compute the threat level of messages? [Y]> Logging of URLs is currently disabled. Do you wish to enable logging of URL's? [N]> Y Logging of URLs has been enabled. The Outbreak Filters feature is now globally enabled on the system. You must use the 'policyconfig' command in the CLI or the Email Security Manager in the GUI to enable Outbreak Filters for the desired Incoming and Outgoing Mail Policies.
outbreakstatus Description The outbreakstatus command shows the current Outbreak Filters feature settings, including whether the Outbreak Filters feature is enabled, any Outbreak Rules, and the current threshold. Usage Commit: This command does not require a ‘commit’. Cluster Management: This command is restricted to machine mode. Batch Command: This command does not support a batch format. Example mail3.example.
Batch Command: This command does not support a batch format. Example elroy.run> outbreakupdate Requesting updates for Outbreak Filter Rules.
Choose the operation you want to perform: - NEW - Create a new content dictionary. []> new Enter a name for this content dictionary. []> HRWords Do you wish to specify a file for import? [N]> Enter new words or regular expressions, enter a blank line to finish. Currently configured content dictionaries: 1. HRWords Choose the operation you want to perform: - NEW - Create a new content dictionary.
[]> edit Enter the number of the dictionary you want to edit: 1. secret_words []> 1 Choose the operation you want to perform on dictionary 'secret_words': - NEW - Create new entries in this dictionary. - IMPORT - Replace all of the words in this dictionary. - EXPORT - Export the words in this dictionary. - DELETE - Remove an entry in this dictionary. - PRINT - List the entries in this dictionary.
Importing Dictionaries In the example below, using the dictionaryconfig command, 84 terms in the profanity.txt text file are imported as Unicode (UTF-8) into a dictionary named profanity. mail3.example.com> dictionaryconfig No content dictionaries have been defined. Choose the operation you want to perform: - NEW - Create a new content dictionary. []> new Enter a name for this content dictionary.
[]> edit Enter the number of the dictionary you want to edit: 1. secret_words []> 1 Choose the operation you want to perform on dictionary 'secret_words': - NEW - Create new entries in this dictionary. - IMPORT - Replace all of the words in this dictionary. - EXPORT - Export the words in this dictionary. - DELETE - Remove an entry in this dictionary. - PRINT - List the entries in this dictionary.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).

Batch Command: This command does not support a batch format.

Example

mail3.example.com> exceptionconfig

Choose the operation you want to perform:
- NEW - Create a new domain exception table entry
[]> new

Enter a domain, sub-domain, user, or email address for which you wish to provide an exception:
[]> mail.partner.
Batch Command: This command does not support a batch format.

Example

In this example, the filter command is used to create three new filters:
• The first filter is named big_messages. It uses the body-size rule to drop messages larger than 10 megabytes.
• The second filter is named no_mp3s. It uses the attachment-filename rule to drop messages that contain attachments with the filename extension of .mp3.
- LOGCONFIG - Configure log subscriptions used by filters.
- ROLLOVERNOW - Roll over a filter log file.
[]> new

Enter filter script. Enter '.' on its own line to end.
mailfrompm: if (mail-from == "^postmaster$") { bcc ("administrator@example.com");}
.
1 filters added.

Choose the operation you want to perform:
- NEW - Create a new filter.
- DELETE - Remove a filter.
- IMPORT - Import a filter script from a file.
Creating an Incoming Mail Policy to Drop Spam Messages and Archive Suspected Spam Messages

In this example, the policyconfig -> edit -> antispam subcommand is used to edit the Anti-Spam settings for the default incoming mail policy. (Note that this same configuration is available in the GUI from the Email Security Manager feature.)
• First, messages positively identified as spam are chosen not to be archived; they will be dropped.
- OUTBREAK - Modify Outbreak Filters policy
[]> antispam

Choose the operation you want to perform:
- EDIT - Edit Anti-Spam policy
- DISABLE - Disable Anti-Spam policy (Disables all policy-related actions)
[]> edit

Begin Anti-Spam configuration

Some messages will be positively identified as spam. Some messages will be identified as suspected spam. You can set the IronPort Anti-Spam Suspected Spam Threshold below.
Suspect-Spam: IronPort - Quarantine - Archiving copies of the original message.
Anti-Virus: McAfee - Scan and Clean
Content Filters: Off (No content filters have been created)
Outbreak Filters: Enabled. No bypass extensions.
[]> ldap(sales)

Please select an LDAP group query:
1. PublicLDAP.ldapgroup
[1]> 1

Is this entry a recipient or a sender?
1. Recipient
2. Sender
[1]> 1

Add another member? [Y]> n

Would you like to enable Anti-Spam support? [Y]> y

Use the policy table default? [Y]> n

Begin Anti-Spam configuration

Some messages will be positively identified as spam. Some messages will be identified as suspected spam.
Use the policy table default? [Y]> y

Would you like to enable Outbreak Filters for this policy? [Y]> y

Use the policy table default? [Y]> y

Incoming Mail Policy Configuration

Name:       Anti-Spam:  Anti-Virus:  Advanced Malware Protection:  Graymail:  Content Filter:  Outbreak Filters:
-----       ----------  -----------  ----------------------------  ---------  ---------------  -----------------
sales_team  IronPort    Default      Default                       Default    Default          Default
DEFAULT     Ironport    Mcafee       N/
[]> bob@example.com

Is this entry a recipient or a sender?
1. Recipient
2. Sender
[1]> 1

Add another member? [Y]> y

Enter a member for this policy:
[]> fred@example.com

Is this entry a recipient or a sender?
1. Recipient
2. Sender
[1]> 1

Add another member? [Y]> y

Enter a member for this policy:
[]> joe@example.com

Is this entry a recipient or a sender?
1. Recipient
2.
Choose the operation you want to perform:
- NEW - Add a file extension
- DELETE - Delete a file extension
- PRINT - Display all file extensions
- CLEAR - Clear all file extensions
[]>

Incoming Mail Policy Configuration

Name:       Anti-Spam:  Anti-Virus:  Advanced Malware Protection:  Graymail:  Content Filter:  Outbreak Filters:
-----       ----------  -----------  ----------------------------  ---------  ---------------  -----------------
sales_team  IronPort    Default      Default                       Default    Def
[]> filters

No filters defined.

Choose the operation you want to perform:
- NEW - Create a new filter
[]> new

Enter a name for this filter:
[]> scan_for_confidential

Enter a description or comment for this filter (optional):
[]> scan all incoming mail for the string 'confidential'

Filter Name: scan_for_confidential
Conditions: Always Run
Actions: No actions defined yet.
Conditions: body-contains("confidential", 1)
Actions: No actions defined yet.
Description: scan all incoming mail for the string 'confidential'

Choose the operation you want to perform:
- RENAME - Rename this filter
- DESC - Edit filter description
- ADD - Add condition or action
- DELETE - Delete condition or action
[]> add

1. Condition
2. Action
[1]> 2

1. Bcc
2. Notify
3. Redirect To Alternate Email Address
4. Redirect To Alternate Host
5.
scan all incoming mail for the string 'confidential'

Choose the operation you want to perform:
- RENAME - Rename this filter
- DESC - Edit filter description
- ADD - Add condition or action
- DELETE - Delete condition or action
- SAVE - Save filter
[]> add

1. Condition
2. Action
[1]> 2

1. Bcc
2. Notify
3. Redirect To Alternate Email Address
4. Redirect To Alternate Host
5. Insert A Custom Header
6. Insert A Message Tag
7. Strip A Header
8.
Choose the operation you want to perform:
- NEW - Create a new filter
- EDIT - Edit an existing filter
- DELETE - Delete a filter
- PRINT - Print all filters
- RENAME - Rename a filter
[]>

Creating the no_mp3s and ex_employee Content Filters

Choose the operation you want to perform:
- NEW - Create a new filter
- EDIT - Edit an existing filter
- DELETE - Delete a filter
- PRINT - Print all filters
- RENAME - Rename a filter
[]> new

Enter a name for this filter:
[]> no_mp3s

Ente
18. Bounce (Final Action)
19. Skip Remaining Content Filters (Final Action)
20. Encrypt (Final Action)
21. Encrypt on Delivery
22.
[]> add

1. Condition
2. Action
[1]> 1

1. Message Body Contains
2. Only Body Contains (Attachments are not scanned)
3. Message Body Size
4. Subject Header
5. Other Header
6. Attachment Contains
7. Attachment File Type
8. Attachment Name
9. Attachment MIME Type
10. Attachment Protected
11. Attachment Unprotected
12. Attachment Corrupt
13. Envelope Recipient Address
14. Envelope Recipient in LDAP Group
15. Envelope Sender Address
16. Envelope Sender in LDAP Group
17.
12. Drop Attachments By File Type
13. Drop Attachments By Size
14. Send To System Quarantine
15. Duplicate And Send To System Quarantine
16. Add Log Entry
17. Drop (Final Action)
18. Bounce (Final Action)
19. Skip Remaining Content Filters (Final Action)
20. Encrypt (Final Action)
21. Encrypt on Delivery
22. Skip Outbreak Filters check
[1]> 2

Enter the email address(es) to send the notification to:
[]> joe@example.
15. Duplicate And Send To System Quarantine
16. Add Log Entry
17. Drop (Final Action)
18. Bounce (Final Action)
19. Skip Remaining Content Filters (Final Action)
20. Encrypt (Final Action)
21. Encrypt on Delivery
22. Skip Outbreak Filters check
[1]> 18

Filter Name: ex_employee
Conditions: rcpt-to == "doug"
Actions: notify-copy ("joe@example.com", "message bounced for ex-employee of example.
- MOVE - Move the position of a policy
- FILTERS - Edit content filters
- CLEAR - Clear all policies
[]>

Enabling Content Filters for Specific Policies

Code Example illustrates how to enable the policies once again to enable the content filters for some policies, but not for others.
- OUTBREAK - Modify Outbreak Filters policy
- FILTERS - Modify filters
[]> filters

Choose the operation you want to perform:
- ENABLE - Enable Content Filters policy
[]> enable

1.         scan_for_confidential
2.         no_mp3s
3.         ex_employee
Enter the filter to toggle on/off, or press enter to finish:
[]> 1

1. Active  scan_for_confidential
2.         no_mp3s
3.         ex_employee
Enter the filter to toggle on/off, or press enter to finish:
[]> 2

1. Active
2. Active
3.
- NEW - Create a new policy
- EDIT - Edit an existing policy
- DELETE - Remove a policy
- PRINT - Print all policies
- SEARCH - Search for a policy by member
- MOVE - Move the position of a policy
- FILTERS - Edit content filters
- CLEAR - Clear all policies
[]> edit

Anti-Spam:  Anti-Virus:  Advanced Malware Protection:  Graymail:  Content Filter:  Outbreak Filters:
----------  -----------  ----------------------------  ---------  ---------------  -----------------
IronPort    Defau
1. Active  scan_for_confidential
2.         no_mp3s
3. Active  ex_employee
Enter the filter to toggle on/off, or press enter to finish:
[]>

Policy Summaries:

Anti-Spam: Default
Anti-Virus: Default
Graymail Detection: Unsubscribe - Default
Content Filters: Enabled. Filters: scan_for_confidential, ex_employee
Outbreak Filters: Enabled.
Would you like to configure Incoming or Outgoing Mail Policies?
1. Incoming
2.
Enter the policy to toggle on/off, or press enter to finish:
[]> 2

1. Active  California AB-1298
2. Active  Suspicious Transmission - Zip Files
3.         Restricted Files
Enter the policy to toggle on/off, or press enter to finish:
[]> 3

1. Active
2. Active
3.
1.
Graymail Detection: Unsubscribe - Enabled
Social Networking mails : Drop
Bulk mails : Drop
Content Filters: Off (No content filters have been created)

Choose the operation you want to perform:
- ANTISPAM - Modify Anti-Spam policy
- GRAYMAIL - Modify Graymail policy
- FILTERS - Modify filters
[]>

quarantineconfig

Description

Configure system quarantines.

Usage

Commit: This command requires a ‘commit’.
Do you want add a custom header to messages that are released because "HRQuarantine" overflows? [N]>

Do you want to strip all attachments from messages that are released because "HRQuarantine" overflows? [N]>

Do you want default action to apply automatically when quarantine space fills up? [Y]>

Currently configured quarantines:

#  Quarantine Name  Size (MB)  % full  Messages  Retention
1  HRQuarantine     1,024      N/A     N/A       15d
2  Outbreak         3,072      0.
Batch Command: This command supports a batch format.

Example

In this example, the scanconfig command sets these parameters:
• MIME types of video/*, audio/*, image/* are skipped (not scanned for content).
• Nested (recursive) archive attachments up to 10 levels are scanned. (The default is 5 levels.)
• The maximum size for attachments to be scanned is 25 megabytes; anything larger will be skipped. (The default is 5 megabytes.
If a message could not be deconstructed into its component parts in order to remove specified attachments, the system should:
1. Deliver
2. Bounce
3. Drop
[1]>

Configure encoding to use when none is specified for plain body text or anything with MIME type plain/text or plain/html.
1. US-ASCII
2. Unicode (UTF-8)
3. Unicode (UTF-16)
4. Western European/Latin-1 (ISO 8859-1)
5. Western European/Latin-1 (Windows CP1252)
6.
Batch Command: This command does not support a batch format.

Example

mail3.example.com> stripheaders

Not currently stripping any headers.

Choose the operation you want to perform:
- SETUP - Set message headers to remove.
[]> setup

Enter the list of headers you wish to strip from the messages before they are delivered. Separate multiple headers with commas.
3. DLP Notification Template
4. Bounce and Encryption Failure Notification Template
5. Message Disclaimer
6. Encryption Notification Template (HTML)
7. Encryption Notification Template (text)
8. Notification Template
[1]> 5

Please create a name for the message disclaimer:
[]> disclaimer 1

Enter the encoding for the message disclaimer:
1. US-ASCII
2. Unicode (UTF-8)
3. Unicode (UTF-16)
4. Western European/Latin-1 (ISO 8859-1)
5.
Importing Text Resources

Use textconfig -> IMPORT to import a text file as a text resource. The text file must be present in the configuration directory on the appliance.

mail3.example.com> textconfig

Current Text Resources:
1. footer.2.message (Message Footer)

Choose the operation you want to perform:
- NEW - Create a new text resource.
- IMPORT - Import a text resource from a file.
- EXPORT - Export text resource to a file.
Chapter 3 The Commands: Reference Examples Logging and Alerts

mail3.example.com> textconfig

Current Text Resources:
1. footer.2.message (Message Footer)
2. strip.mp3 (Notification Template)

Choose the operation you want to perform:
- NEW - Create a new text resource.
- IMPORT - Import a text resource from a file.
- EXPORT - Export text resource to a file.
- PRINT - Display the content of a resource.
- EDIT - Modify a resource.
- DELETE - Remove a resource from the system.
alertconfig

Description

Configure email alerts.

Usage

Commit: This command requires a ‘commit’.

Cluster Management: This command can be used in all three machine modes (cluster, group, machine).

Batch Command: This command does not support a batch format.

Example: Creating a New Alert

In this example, a new alert recipient (alertadmin@example.com) is created and set to receive critical system, hardware, and directory harvest attack alerts.
Class: Directory Harvest Attack Prevention - Severities: Critical
Class: System - Severities: Critical

Initial number of seconds to wait before sending a duplicate alert: 300
Maximum number of seconds to wait before sending a duplicate alert: 3600
Maximum number of alerts stored in the system are: 50

Alerts will be sent using the system-default From Address.
10 Mar 2015 10:33:36 +0000 The updater could not validate the server certificate. Server certificate not validated - unable to get local issuer certificate
Last message occurred 26 times between Tue Mar 10 09:33:55 2015 and Tue Mar 10 10:29:57 2015.

10 Mar 2015 10:23:39 +0000 server for at least 1h.
Example: Search by Message ID

mail.example.com> findevent

Please choose which type of search you want to perform:
1. Search by envelope FROM
2. Search by Message ID
3. Search by Subject
4. Search by envelope TO
[1]> 2

Enter the Message ID (MID) to search for.
[]> 1

Currently configured logs:
Log Name    Log Type    Retrieval    Interval
--------------------------------------------------------------------------------
1.
Example: Search by envelope TO

mail.example.com> findevent

Please choose which type of search you want to perform:
1. Search by envelope FROM
2. Search by Message ID
3. Search by Subject
4. Search by envelope TO
[1]> 4

Enter the regular expression to search for.
[]> '

Currently configured logs:
Log Name    Log Type    Retrieval    Interval
--------------------------------------------------------------------------------
1.
Use the following options when you run the grep command:

Table 3-12 grep Command Options

Option  Description
-C      Provides lines of context around the grep pattern found. Enter a value to specify the number of lines to include.
-e      Enter a regular expression.
-i      Ignores case sensitivities.
-p      Paginates the output.
-t      Runs the grep command over the tail of the log file.
regex   Enter a regular expression.
Example of FTP Push Log Subscription

In the following example, the logconfig command is used to configure a new delivery log called myDeliveryLogs. The log is then configured to be pushed via FTP to a remote host.

mail3.example.com> logconfig

Currently configured logs:
1. "antispam" Type: "Anti-Spam Logs" Retrieval: FTP Poll
2. "antivirus" Type: "Anti-Virus Logs" Retrieval: FTP Poll
3.
21. IronPort Spam Quarantine GUI Logs
22. Reporting Logs
23. Reporting Query Logs
24. Updater Logs
25. Tracking Logs
26. Safe/Block Lists Logs
27. Authentication Logs
[1]> 8

Please enter the name for the log:
[]> myDeliveryLogs

Choose the method to retrieve the logs.
1. FTP Poll
2. FTP Push
3. SCP Push
4. Syslog Push
[1]> 2

Hostname to deliver the logs:
[]> yourhost.example.
22. "system_logs" Type: "System Logs" Retrieval: FTP Poll
23. "trackerd_logs" Type: "Tracking Logs" Retrieval: FTP Poll
24. "updater_logs" Type: "Updater Logs" Retrieval: FTP Poll

Example of SCP Push Log Subscription

In the following example, the logconfig command is used to configure a new delivery log called LogPush. The log is configured to be pushed via SCP to a remote host with the IP address of 10.1.1.
10. CLI Audit Logs
11. FTP Server Logs
12. HTTP Logs
13. NTP logs
14. LDAP Debug Logs
15. Anti-Spam Logs
16. Anti-Spam Archive
17. Anti-Virus Logs
18. Anti-Virus Archive
19. Scanning Logs
20. IronPort Spam Quarantine Logs
21. IronPort Spam Quarantine GUI Logs
22. Reporting Logs
23. Reporting Query Logs
24. Updater Logs
25. Tracking Logs
26. Safe/Block Lists Logs
27.
SSH2:dsa 10.1.1.
Example of Syslog Push Log Subscription

In the following example, the logconfig command is used to configure a new delivery log called MailLogSyslogPush. The log is configured to be pushed to a remote syslog server with the IP address of 10.1.1.2, using UDP, with a ‘mail’ facility and stored in the directory.

mail3.example.com> logconfig

Currently configured logs:
1. "antispam" Type: "Anti-Spam Logs" Retrieval: FTP Poll
2.
21. IronPort Spam Quarantine GUI Logs
22. Reporting Logs
23. Reporting Query Logs
24. Updater Logs
25. Tracking Logs
26. Safe/Block Lists Logs
27. Authentication Logs
[1]> 1

Please enter the name for the log:
[]> MailLogSyslogPush

Log level:
1. Critical
2. Warning
3. Information
4. Debug
5. Trace
[3]> 2

Choose the method to retrieve the logs.
1. FTP Poll
2. FTP Push
3. SCP Push
4. Syslog Push
[1]> 4

Hostname to deliver the logs:
[]> 10.1.1.
rollovernow

Description

Roll over a log file.

Usage

Commit: This command does not require a ‘commit’.

Cluster Management: This command is restricted to machine mode.

Batch Command: This command does not support a batch format.

Example

mail3.example.com> rollovernow

Currently configured logs:
1. "antispam" Type: "Anti-Spam Logs" Retrieval: FTP Poll
2. "antivirus" Type: "Anti-Virus Logs" Retrieval: FTP Poll
3.
Usage

Commit: This command requires a ‘commit’.

Cluster Management: This command can be used in all three machine modes (cluster, group, machine).

Batch Command: This command does not support a batch format.

Example

In the following example, the snmpconfig command is used to enable SNMP on the “PublicNet” interface on port 161. A passphrase for version 3 is entered and then re-entered for confirmation.
Do you want to disable any of these traps? [Y]>

Enter number or numbers of traps to disable. Separate multiple numbers with commas.
[]> 1,8

Enterprise Trap              Status
1. RAIDStatusChange          Disabled
2. fanFailure                Enabled
3. highTemperature           Enabled
4. keyExpiration             Enabled
5. linkDown                  Enabled
6. linkUp                    Enabled
7. powerSupplyStatusChange   Enabled
8. resourceConservationMode  Disabled
9.
Chapter 3 The Commands: Reference Examples Reporting

Currently configured logs:
1. "antispam" Type: "Anti-Spam Logs" Retrieval: FTP Poll
2. "antivirus" Type: "Anti-Virus Logs" Retrieval: FTP Poll
3. "asarchive" Type: "Anti-Spam Archive" Retrieval: FTP Poll
4. "authentication" Type: "Authentication Logs" Retrieval: FTP Poll
5. "avarchive" Type: "Anti-Virus Archive" Retrieval: FTP Poll
6. "bounces" Type: "Bounce Logs" Retrieval: FTP Poll
7. "cli_logs" Type: "CLI Audit Logs" Retrieval: FTP Poll
8.
reportingconfig

Using the reportingconfig command

The following subcommands are available within the reportingconfig submenu:

Table 3-13 reportingconfig Subcommands

Syntax         Description                                                               Availability
filters        Configure filters for the Security Management appliance.                  M-Series only
alert_timeout  Configure when you will be alerted due to failing to get reporting data.  M-Series only
domain         Configure domain report settings.
reporting data
- DOMAIN - Configure domain report settings.
- MODE - Enable/disable centralized reporting.
[]>

Enabling HAT REJECT Information for Domain Reports (M-Series only)

mail3.example.com> reportingconfig

Choose the operation you want to perform:
- FILTERS - Configure filtering for the SMA.
- ALERT_TIMEOUT - Configure when you will be alerted due to failing to get reporting data
- DOMAIN - Configure domain report settings.
Enabling Centralized Reporting for an Email Security Appliance

mail3.example.com> reportingconfig

Choose the operation you want to perform:
- MAILSETUP - Configure reporting for the ESA.
- MODE - Enable centralized or local reporting for the ESA.
[]> mode

Centralized reporting: Local reporting only.

Do you want to enable centralized reporting? [N]> y

Choose the operation you want to perform:
- MAILSETUP - Configure reporting for the ESA.
Chapter 3 The Commands: Reference Examples Senderbase

Choose the operation you want to perform:
- SENDERBASE - Configure SenderBase timeout for the web interface.
- MULTIPLIER - Configure Sender Reputation Multiplier.
- COUNTERS - Limit counters recorded by the reporting system.
- THROTTLING - Limit unique hosts tracked for rejected connection reporting.
- TLD - Add customer specific domains for reporting rollup.
Chapter 3 The Commands: Reference Examples SMTP Services Configuration

senderbaseconfig

Description

Configure SenderBase connection settings.

Usage

Commit: This command requires a ‘commit’.

Cluster Management: This command can be used in all three machine modes (cluster, group, machine).

Batch Command: This command does not support a batch format.

Example

mail3.example.
Usage

Commit: This command requires a ‘commit’.

Cluster Management: This command can be used in all three machine modes (cluster, group, machine).

Batch Command: This command does not support a batch format.

Example

In the following example you can create a new SMTP call-ahead profile for delivery host.

> callaheadconfig

No SMTP Call-Ahead profiles are configured on the system.
- PRINT - Display profile information.
- TEST - Test profile.
- FLUSHCACHE - Flush SMTP Call-Ahead cache.
[]> new

Select the type of profile you want to create:
1. Delivery Host
2. Static Call-Ahead Servers
[1]> 2

Please enter a name for the profile:
[]> Static

Enter one or more Call-Ahead servers hostname separated by commas.
[]> 192.168.1.
These qualifying criteria are defined in listeners; collectively, they define and enforce your mail flow policies. Listeners also define how the appliance communicates with the system that is injecting email.

Table 3-14 listenerconfig Commands

Name  Unique nickname you supply for the listener, for future reference. The names you define for listeners are case-sensitive.
• Adding a new listener:
listenerconfig new
• Deleting a listener:
listenerconfig delete

Batch Format - HAT

The following examples demonstrate the use of the batch format of listenerconfig to perform various HAT-related tasks.
• Rename a sendergroup
listenerconfig edit sendergroup hostaccess edit sendergroup rename
• Editing a HAT’s policy
listenerconfig edit hostaccess edit policy [options]
• Deleting a sendergroup from a HAT
listenerconfig edit hostaccess delete sendergroup
• Deleting a policy
listenerconfig edit hostaccess delete policy
• Moving a sendergroup’s position in
Table 3-15 listenerconfig Argument Values -HAT

Argument  Description
“Accept”, “Relay”, “Reject”, “TCP Refuse”, or “Continue”. When selecting a behavior for use with a sendergroup, additional behaviors of the form “Policy: FOO” are available (where “FOO” is the name of policy).
The filename to use with importing and exporting the hostaccess tables.
A sendergroup .
Table 3-15 listenerconfig Argument Values -HAT

--max_size  Maximum message size. Add a trailing k for kilobytes, M for megabytes, or no letters for bytes.
--max_conn  Maximum number of connections allowed from a single host.
--max_msgs  Maximum number of messages per connection.
--max_rcpt  Maximum number of recipients per message.
--override  Override the hostname in the SMTP banner. “No” or SMTP banner string.
Table 3-15 listenerconfig Argument Values -HAT

--spf                Enable SPF verification. “Yes”, “No”, “Default.”
--spf_conf_level     SPF conformance level. Used with “--spf Yes” only. “spf_only”, “sidf_compatible”, “sidf_strict.”
--spf_downgrade_pra  Downgrade SPF PRA verification result. Used with “--spf Yes” and “--spf_conf_level sidf_compatible” only. “Yes”, “No.”
--spf_helo_test      SPF HELO test.
• Exporting a RAT
listenerconfig edit rcptacess export
• Clearing the default access
listenerconfig edit rcptacess clear

Table 3-16 listenerconfig Argument Values - RAT

Argument  Description
Enter the hosts to add. Hosts can be formatted as follows:
CIDR addresses (10.1.1.0/24)
Hostname (crm.example.com)
Partial Hostname (.example.
- EDIT - Modify a listener.
- DELETE - Remove a listener.
- SETUP - Change global settings.
[]> new

Please select the type of listener you want to create.
1. Private
2. Public
3. Blackhole
[2]> 1

Please create a name for this listener (Ex: "OutboundMail"):
[]> OutboundMail

Please choose an IP interface for this Listener.
1. Management (192.168.42.42/24: mail3.example.com)
2. PrivateNet (192.168.1.1/24: mail3.example.com)
3.
- DELETE - Remove a listener.
- SETUP - Change global settings.
[]>

Example - Customizing the Host Access Table (HAT) for a listener via Export and Import

Many of the subcommands within the listenerconfig command allow you to import and export data in order to make large configuration changes without having to enter data piecemeal in the CLI.
- DOMAINMAP - Configure domain mappings.
max_msgs_per_session = 10
spam_check = "on"
use_sb = "on"
max_message_size = 1048576
max_rcpts_per_msg = 25
max_concurrency = 10
}
WHITELIST: $TRUSTED (My trusted senders have no anti-spam or rate limiting)
BLACKLIST: $BLOCKED (Spammers are rejected)
SUSPECTLIST: $THROTTLED (Suspicious senders are throttled)
UNKNOWNLIST: $ACCEPTED (Reviewed but undecided, continue normal acceptance)
ALL $ACCEPTED (Everyone else)
Default Policy Paramet
In this example, the following entries are added to the HAT above the ALL entry:

spamdomain.com   REJECT
.spamdomain.com  REJECT
251.192.1.       TCPREFUSE
169.254.10.10    RELAY

– The first two entries reject all connections from the remote hosts in the domain spamdomain.com and any subdomain of spamdomain.com.
– The third line refuses connections from any host with an IP address of 251.192.1.x.
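The entry formats and their placement above ALL can be checked offline before a HAT file is imported. The following Python sketch is an added example, not Cisco code: it assumes top-down, first-match evaluation and that the caller supplies the connecting host's already-verified reverse-DNS name, and the function names (parse_hat, evaluate, unreachable_entries) are hypothetical. It also accepts CIDR entries, which goes beyond the four rows shown here.

```python
import ipaddress
import re

# Constructed sample: the four entries this example adds above ALL, then ALL.
SAMPLE_HAT = """\
spamdomain.com    REJECT
.spamdomain.com   REJECT
251.192.1.        TCPREFUSE
169.254.10.10     RELAY
ALL               $ACCEPTED (Everyone else)
"""

PARTIAL_IP = re.compile(r"(?:\d{1,3}\.){1,3}")  # e.g. "251.192.1."


def parse_hat(text):
    """Return [(pattern, behavior), ...] in table order."""
    entries = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        parts = line.split(None, 1)
        if len(parts) != 2:
            raise ValueError(f"malformed HAT line: {raw!r}")
        pattern, behavior = parts
        # Drop a trailing "(comment)" such as the ones PRINT output shows.
        behavior = re.sub(r"\s*\(.*\)\s*$", "", behavior).strip()
        entries.append((pattern, behavior))
    return entries


def _match(pattern, addr, hostname):
    """True if one HAT pattern covers this address or hostname."""
    if pattern.upper() == "ALL":
        return True
    if "/" in pattern:  # CIDR block
        try:
            return addr in ipaddress.ip_network(pattern, strict=False)
        except ValueError:
            return False
    if PARTIAL_IP.fullmatch(pattern):  # partial IP; trailing dot is required
        return str(addr).startswith(pattern)
    try:
        return addr == ipaddress.ip_address(pattern)  # exact IP
    except ValueError:
        pass  # not an IP, so treat the pattern as a hostname
    if hostname is None:
        return False
    host = hostname.lower().rstrip(".")
    pat = pattern.lower()
    if pat.startswith("."):  # partial hostname: subdomains only
        return host.endswith(pat)
    return host == pat


def evaluate(entries, ip, hostname=None):
    """Return (row number, pattern, behavior) of the first matching row."""
    addr = ipaddress.ip_address(ip)
    for index, (pattern, behavior) in enumerate(entries, start=1):
        if _match(pattern, addr, hostname):
            return index, pattern, behavior
    return None


def unreachable_entries(entries):
    """Rows that can never be the first match: anything below ALL, and
    exact-IP rows that an earlier row already covers."""
    dead = []
    seen_all = False
    for index, (pattern, behavior) in enumerate(entries, start=1):
        if seen_all:
            dead.append((index, pattern, behavior))
        else:
            try:
                ipaddress.ip_address(pattern)
            except ValueError:
                pass
            else:
                if evaluate(entries, pattern)[0] < index:
                    dead.append((index, pattern, behavior))
        if pattern.upper() == "ALL":
            seen_all = True
    return dead


if __name__ == "__main__":
    hat = parse_hat(SAMPLE_HAT)
    probes = [("203.0.113.5", "mx.spamdomain.com"), ("251.192.1.77", None),
              ("169.254.10.10", None), ("198.51.100.9", "notspamdomain.com")]
    for ip, host in probes:
        print(ip, host, "->", evaluate(hat, ip, host))
    print("unreachable:", unreachable_entries(hat))
```

A RELAY row that lands below ALL, or behind a broader block, is reported by unreachable_entries, which is the ordering mistake the "above the ALL entry" instruction guards against.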
Bounce Profile: Default
Use SenderBase For Reputation Filters and IP Profiling: Yes
Footer: None
LDAP: Off

Choose the operation you want to perform:
- NAME - Change the name of the listener.
- INTERFACE - Change the interface.
- LIMITS - Change the injection limits.
- SETUP - Configure general options.
- HOSTACCESS - Modify the Host Access Table.
- RCPTACCESS - Modify the Recipient Access Table.
There are currently 4 policies defined.
There are currently 5 sender groups.

Choose the operation you want to perform:
- NEW - Create a new entry.
- EDIT - Modify an entry.
- DELETE - Remove an entry.
- MOVE - Move an entry.
- DEFAULT - Set the defaults.
- PRINT - Display the table.
- IMPORT - Import a table from a file.
- EXPORT - Export the table to a file.
- CLEAR - Remove all entries.
251.192.1. TCPREFUSE (TCPREFUSE the IP addresses in "251.192.1")
169.254.10.10 RELAY (RELAY the address 169.254.10.
Enter the name or number of the listener you wish to edit.
[]> 1

Name: MyListener
Type: Public
Interface: Management (172.29.181.
- EDIT - Modify an entry.
- DELETE - Remove an entry.
- MOVE - Move an entry.
- DEFAULT - Set the defaults.
- PRINT - Display the table.
- IMPORT - Import a table from a file.
- EXPORT - Export the table to a file.
- RESET - Remove senders and set policies to system default.
[]> default

Enter the default maximum message size.
Would you like to enable DKIM/DomainKeys signing? [N]>

Would you like to enable DKIM verification? [N]>

Would you like to enable S/MIME Public Key Harvesting? [N]> y

Would you like to harvest certificate on verification failure? [N]>

Would you like to harvest updated certificate? [Y]>

Would you like to enable S/MIME gateway decryption/verification? [N]> y

Select the appropriate operation for the S/MIME signature processing:
1
- IMPORT - Import a table from a file.
- EXPORT - Export the table to a file.
- RESET - Remove senders and set policies to system default.
[]>

Example - Advanced HAT Parameters

Table 3-17 defines the syntax of advanced HAT parameters. Note that for the values below which are numbers, you can add a trailing k to denote kilobytes or a trailing M to denote megabytes. Values with no letters are considered bytes.
Table 3-17 Advanced HAT Parameter Syntax
Parameter | Syntax | Values | Example Values
Define SenderBase Reputation Score | sbrs[value1:value2] | -10.0 - 10.0 | sbrs[-10:-7.
Optionally, you can configure the appliance to return a third-party response from the SPF publisher domain if the REJECT action is taken for a Neutral, SoftFail, or Fail verification result. By default, the appliance returns the following response:
550-#5.7.1 SPF unauthorized mail is prohibited.
550-The domain example.
Table 3-18 SPF Control Settings
Conformance Level
SIDF Compatible
SIDF Strict
Available SPF Control Settings
• whether to perform a HELO identity check
• whether the verification downgrades a Pass result of the PRA identity to None if the Resent-Sender: or Resent-From: headers are present in the message
• SMTP actions taken based on the results of the following identity checks:
  • HELO identity (if enabled)
  • MAIL FROM Iden
What SMTP action should be taken if HELO check returns None?
1. Accept
2. Reject
[1]> 1
What SMTP action should be taken if HELO check returns Neutral?
1. Accept
2. Reject
[1]> 1
What SMTP action should be taken if HELO check returns SoftFail?
1. Accept
2. Reject
[1]> 2
What SMTP action should be taken if HELO check returns Fail?
1. Accept
2. Reject
[1]> 2
What SMTP action should be taken if HELO check returns TempError?
1. Accept
2.
Example - Enable DMARC Verification
The following example shows how to enable DMARC verification.
mail.example.com> listenerconfig
Currently configured listeners:
1. Listener 1 (on Management, 172.29.181.70) SMTP TCP Port 25 Public
Choose the operation you want to perform:
- NEW - Create a new listener.
- EDIT - Modify a listener.
- DELETE - Remove a listener.
- SETUP - Change global settings.
Allow TLS Connections: No
Allow SMTP Authentication: No
Require TLS To Offer SMTP authentication: No
DKIM/DomainKeys Signing Enabled: No
DKIM Verification Enabled: No
SPF/SIDF Verification Enabled: No
DMARC Verification Enabled: No
Envelope Sender DNS Verification Enabled: No
Domain Exception Table Enabled: No
Accept untagged bounces: No
There are currently 4 policies defined.
There are currently 5 sender groups.
Enter your custom SMTP response. Press Enter on a blank line to finish.
Would you like to use SenderBase for flow control by default? [Y]>
Would you like to enable anti-spam scanning? [Y]>
Would you like to enable anti-virus scanning? [Y]>
Do you want to allow encrypted TLS connections?
1. No
2. Preferred
3. Required
4. Preferred - Verify
5.
==========================
Maximum Message Size: 20M
Maximum Number Of Concurrent Connections From A Single IP: 10
Maximum Number Of Messages Per Connection: 10
Maximum Number Of Recipients Per Message: 50
Directory Harvest Attack Prevention: Enabled
Maximum Number Of Invalid Recipients Per Hour: 25
Maximum Number Of Recipients Per Hour: Disabled
Maximum Number of Recipients per Envelope Sender: Disabled
Use SenderBase for Flow Control: Yes
Spam Detection Enabled: Yes
- RCPTACCESS - Modify the Recipient Access Table.
- BOUNCECONFIG - Choose the bounce profile to use for messages injected on this listener.
- MASQUERADE - Configure the Domain Masquerading Table.
- DOMAINMAP - Configure domain mappings.
[]>
Currently configured listeners:
1. Listener 1 (on Management, 172.29.181.70) SMTP TCP Port 25 Public
Choose the operation you want to perform:
- NEW - Create a new listener.
want the system to failover and attempt to encode the entire message using the encoding of the message footer? (When this feature is enabled, the system will attempt to display the footer "in-line" rather than defaulting to adding it as an attachment.
Chapter 3 The Commands: Reference Examples System Setup
3. Data 2 (192.168.2.1/24: mail3.example.com)
4. Management (192.168.42.42/24: mail3.example.
Example
mail3.example.com> systemsetup
WARNING: The system setup wizard will completely delete any existing 'listeners' and all associated settings including the 'Host Access Table' mail operations may be interrupted.
Are you sure you wish to continue? [Y]> y
Before you begin, please reset the administrator password to a new value.
Please enter the IP address of your DNS server.
[]> 192.168.0.3
Do you want to enter another DNS server? [N]>
You have successfully configured the DNS settings.
*****
You are now going to configure how the IronPort C100 accepts mail by creating a "Listener".
Please create a name for this listener (Ex: "MailInterface"):
[]> InboundMail
Please choose an IP interface for this Listener.
1. Data 1 (192.168.1.1/24: ironport-C100.example.
Require TLS To Offer SMTP authentication: No
DKIM/DomainKeys Signing Enabled: No
DKIM Verification Enabled: No
SPF/SIDF Verification Enabled: No
DMARC Verification Enabled: No
Envelope Sender DNS Verification Enabled: No
Domain Exception Table Enabled: No
Accept untagged bounces: No
Would you like to change the default host access policy? [N]> n
Listener InboundMail created.
Defaults have been set for a Public listener.
(Recommended) [Y]> y
*****
You will now configure scheduled reporting.
Please enter the email address(es) to deliver scheduled reports to.
(Leave blank to only archive reports on-box.)
Separate multiple addresses with commas.
[]> administrator@example.com
*****
You will now configure system time settings.
Please choose your continent:
1. Africa
2. America
...
11. GMT Offset
[11]> 2
Please choose your country:
1. Anguilla
...
47. United States
48.
URL Filtering
This section contains the following CLI commands:
• aggregatorconfig
• urllistconfig
• webcacheflush
• websecurityadvancedconfig
• websecurityconfig
• websecuritydiagnostics

aggregatorconfig
Description
Configure address for Cisco Aggregator Server on the Email Security appliance.
Usage
Commit: This command requires a ‘commit’.
Cluster Management: This command can be used in all three machine modes (cluster, group, machine).
Batch Command: This command supports a batch format.
Example
> urllistconfig
No URL lists configured.
webcacheflush
Description
Flush the cache used by URL filtering features. Use this command if you change the certificate that is used for communication with Cisco Web Security Services. Generally, you will use this command only at the direction of Cisco support.
Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command is restricted to machine mode.
Batch Command: This command does not support a batch format.
Enter URL lookup timeout (includes any DNS lookup time) in seconds:
[15]>
Enter the URL cache size (no. of URLs):
[1215000]>
Do you want to disable DNS lookups? [N]>
Enter the maximum number of URLs that should be scanned:
[100]>
Enter the Web security service hostname:
[example.
Do you wish to enable Web Interaction Tracking? [N]> y
Web Interaction Tracking is enabled.
Do you want to whitelist URLs using a URL list? [N]> y
1. urllist1
2. urllist2
3. No URL list
Enter the number of URL list
[1]> 1
URL list 'urllist1' added
mail.example.com> websecurityconfig
URL Filtering is enabled.
URL list 'urllist1' used.
System provided certificate used.
Web Interaction Tracking is enabled.
User Management
This section contains the following CLI commands:
• userconfig
• password or passwd
• last
• who
• whoami

userconfig
Description
Manage user accounts and connections to external authentication sources.
Usage
Commit: This command requires a ‘commit’.
Cluster Management: This command is restricted to cluster mode.
Batch Command: This command supports a batch format. See the inline CLI help for more details.
Assign a role to "helpdesk":
1. Administrators - Administrators have full access to all settings of the system.
2. Operators - Operators are restricted from creating new user accounts.
3. Read-Only Operators - Read-Only operators may only view settings and status information.
4. Guests - Guest users may only view status information.
5. Technicians - Technician can only manage upgrades and feature keys.
6.
- SETUP - Set up global settings.
[]> setup
Do you want to enable external authentication? [N]> Y
Please enter the timeout in seconds for how long the external authentication credentials will be cached. (Enter '0' to disable expiration of authentication credentials altogether when using one time passwords.)
[0]> 30
Choose a mechanism to use:
LDAP is unavailable because no LDAP queries of type EXTERNALAUTH are configured
1.
Usage
Commit: This command requires a ‘commit’.
Cluster Management: This command is restricted to cluster mode.
Note: The passwd command is a special case because it needs to be usable by guest users who can only ever be in machine mode. If a guest user issues the passwd command on a machine in a cluster, it will not print the warning message but will instead just silently operate on the cluster level data without changing the user's mode.
admin     10.251.60.37   Tue Aug 30 01:45  Tue Aug 30 02:17  32m
admin     10.251.16.231  Mon Aug 29 10:29  Mon Aug 29 10:41  11m
shutdown                                   Thu Aug 25 22:20

who
Description
The who command lists all users who are logged into the system via the CLI, the time of login, the idle time, and the remote host from which the user is logged in.
Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command is restricted to machine mode.
Full Name: Administrator
Groups: admin, operators, config, log, guest

Virtual Appliance Management
• loadlicense
• showlicense

loadlicense
Description
Loads an XML license for a virtual appliance. You can load from a file or copy and paste. For complete information, see the Cisco Content Security Virtual Appliance Installation Guide available from http://www.cisco.
showlicense
Description
Displays information about the current virtual appliance license. Additional details are available using the featurekey command. This command is available to users with Admin or Operator privileges.
Usage
Commit: This command does not require a ‘commit’.
Cluster Management: This command is restricted to machine mode. It is further restricted to the login host (i.e., the specific machine you are logged onto).