Is there any way to decode the header X-IronPort-Anti-Spam-Result. I think it has some information about the rules and the score the message ranked in CASE, but it's not explained it's meaning or how to decode.
It would be useful for me for understanding false positives in spam and which rules where aplied.
I think I would be nice for each message tracked by CASE having information about the reason of the scoring but not so much as tell in debug level.
I haven't taken any interest in the CASE logs so I don't know exactly what's in them, but I can't see IronPort putting the information you want in there, either. That would allow spammers to buy something small like a C10, feed their spam through it, and use the log results to tune their spam.
We ran into exactly the same issue when we first started using IronPort/Brightmail back in 2004. It's frustrating, because honest customers feel like they have a right to know what's going on with their mail. I can't say I disagree with that. But giving an attacker an "oracle" by which he can indirectly view the inner workings of your defenses gives him an extreme advantage in subverting them. Therefore this stuff must be kept secret.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :