I am implementing two new C170's this weekend (OS 7.5.1-102) to replace our existing C150's (OS 7.1.5-017). The only trouble I'm having is setting up the Spam quarantine settings to match the current config. The settings are different on the two machines, but part of the settings are done at machine mode and part in cluster mode.
Our current configuration for spam is as follows:
IronPort01: Spam Quarantine and Safelist/Blocklist enabled at machine level. IP Anti-Spam Overview settings at cluster level. External Spam Quarantine settings say "Settings for this feature are currently defined at: 'Machine: IronPort02.domain.com' & 'Cluster: clustername' ". Settings at cluster level do not have any external spam quarantine configured.
IronPort02: Spam Qarantine DISABLED at machine level. External Spam Quarantine at machine level is Enabled and points to IronPort01 ip address.
From what I understand, it seems that it is configured so that we're quarantining spam and users can access a centralized URL, but IronPort02 is shuffling all of that traffic to IronPort01. (These appliances were set up way before my time. I'm an IronPort noob.)
When I try to duplicate this set up on my two new IronPorts (we'll call them 03 and 04), it seems to work, but IronPort03 throws an error if I try to access the "External Spam Quarantine" page in machine mode. Stating cluster modes are out of sync.
I am leaning toward trying one of the following:
1. Break the cluster, create my set up on each machine and then re-join the cluster.
2. Copy the set up to each machine and just mod each machine instead of trying to get one of them to use cluster and one to use the machine config.
It really is only affecting how I see/access the pages. I don't believe it will cause our spam quarantine to break, but I'd like to keep it as clean as possible.
Can anyone tell me the best way to get the same end result as our current set up?