Action: Final Encrypt and Deliver Now (Final Action) encrypt ("CiscoRes", "$Subject", 1)
Part of the option, you can use: Only use message encryption if TLS fails
The problem with this rule, is the Envelope Recipient says: "If a message has multiple recipients, only one recipient has to match for the specified action to affect the message to all recipients".
We did not realize that and when two emails from different domains are added, then we have issues. Ex. The one with TLS required works great, but if an email is on there that is not TLS required, then they will automatically go CRES.
BTW: We need this for Postini users since we are having issues with the CRES encryption.
If you just want to force TLS for some domains you can put them in destination controls as TLS Required. Then if there is a failure with TLS the message goes back into the queue just like the remote host was down. That does not require a content filter because destination controls happens last.
If you want to use different policies based on recipient domain you need to use message splintering. In order to do message splintering you will need to use a separate outgoing message policy with a list of recipient domains. I don't believe that can use a dictionary. You will need to paste the list of domains in the form "@domain" or use an LDAP query.
Then you can activate content filters on each policy as needed. If the CRES content filter is not active for that policy, CRES will not be used.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :