Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Using M-Series quarantine as a policy quarantine

Hello,

We are using a M-Series quarantine applicance as a spam quarantine.
It would be a great to use this quarantine also for policy based filtered attachments.
I tried to configure this, and indeed with some filter actions (bcc) and a smtp route it is possible to route also filter matching emails to M-Series quarantine.

Generally the problem is, that such emails should not be accessable be the recipient, because some forbidden attachment should not be delivered. So using bbc with an addition drop in a content filter can solve this, only re-routing to M-Series will give access for the users without any control.

But what can I do if I want to deliver the emails from quarantine to the intented recipient? Caused be the bcc re-routing with the content filter the intented recipient is deleted.

Why do I want to do this? Async OS 4.7.x can not be configured to have quarantine only admins.
Our helpdesk is responsible for managing forbidden attachments and I do not want to give them access to our C-Series Ironport cluster.

Has anybody solved this problem? Is there something improved in Async OS 5?

Regards

Stefan

3 REPLIES
Community Member

Re: Using M-Series quarantine as a policy quarantine

Well there is a chance of doing that. This is untested, but inorder to get the message to the M-Series all you need to do is to insert the header
X-ironport-quarantine with any value. To clone the Policy quarantine you need to strip the rcpt to and insert someone like Policy@yourdomain.

The problem is the release of the message. If you do that it will try to release that message to this email address.

There is nothing in 5.0 or 5.1 that will do that out of the box.

Regards,

Mark

Community Member

Re: Using M-Series quarantine as a policy quarantine

Hi Stefan,

There's a way to give quarantine admin access in 4.7.

To do so you just need to create a guest user and grant him access to the local quarantine he's supposed to manage.

When he'll log in the GUI he'll only have access to the Monitor tab. Hope this could be helpfull.

Regards,

Community Member

Re: Using M-Series quarantine as a policy quarantine

Hi Stefan,

There's a way to give quarantine admin access in 4.7.

To do so you just need to create a guest user and grant him access to the local quarantine he's supposed to manage.

When he'll log in the GUI he'll only have access to the Monitor tab. Hope this could be helpfull.

Regards,


Hello Laurent,

Thanks, thats a good idea. I didn't know that quaratine access can be set up for guest users.
I configured this right now, it's working.

Stefan

203
Views
0
Helpful
3
Replies
CreatePlease to create content