Cisco C170 Manuel d'utilisateur télécharger pdf (Page 2)

Suspending and resuming receiving and/or delivering mails

workqueue pause

Pause working queue.

workqueue resume

Resume working queue.

suspendlistener

Suspend receiving mails on one, several or all listeners. Shut

down won't be graceful.

resumelistener

Resume receiving mails on one, several or all listeners.

suspenddel

Suspend delivering mails. Shut down won't be graceful.

resumedel

Resume delivering mails.

suspend

Suspend receiving and delivering all mails. Shut down won't

be graceful.

resume

Resume receiving and delivering all mails.

ESA configuration files

showconfig

View XML configuration file as paged output.

mailconfig

Send XML configuration file via mail.

saveconfig

Save XML configuration file in the /configuration directory.

loadconfig

Load XML configuration file from the /configuration directory or

paste it directly into the CLI.

rollbackconfig

Roll back to one of the last 10 saved configurations.

resetconfig

Reset ALL configurations to factory default.

Working with logs

grep

Search for a Regular Expression pattern inside a log file.

findevent

Find an event in the logs matching either a message id, a mail

address (From/To) or a subject. Menu driven or batch mode.

tail

Continuously display new entries from the end of a log file.

rollovernow

Do a rollover on one certain or simply all log files.

logconfig

Configure and manage log files and delivery methods (FTP, SCP,

Syslog). View public RSA/DSS key from users.

Managing engines

updateconfig

Configure update URLs and HTTP/HTTPS proxies to use.

This will also affect AsyncOS updates.

updatenow

updatenow force

Manually update all components. Force updating with the

option force. The force option also works with all other

update commands below

antispamconfig

Configure IronPort anti-spam and Intelligent Multi-Scan.

antispamupdate

Manually request immediate anti-spam rules update.

antivirusconfig

Configure and view anti-virus settings and scanners.

antivirusupdate

Manually request immediate anti-virus definitions update.

scanconfig

Configure scanner options like skipped file types, scanning

depth (nesting), maximum scan size, scanner timeout.

outbreakconfig

Enable, disable and configure Outbreak Filters.

outbreakupdate

Request immediate update of CASE rules and engine.

outbreakflush

Clear CASE rules cache.

encryptionconfig

Configure IronPort PXE mail encryption.

encryptionupdate

Manually request immediate PXE engine update.

dlpupdate

Manually request immediate RSA DLP engine update.

dlprollback

Rollback RSA DLP engine and config to the previous version.

repengupdate

Manually request immediate SBRS engine update.

senderbaseconfig

Configure SenderBase SBNP statistics sharing status.

Cisco IronPort Support and advanced diagnostics

supportrequest

Open a support request with Cisco TAC.

techsupport

Enable or disable a (secured) tunnel for Cisco IronPort Support

to access the appliance remotely.

diagnostic

Check RAID status, flush DNS/ARP/LDAP caches, test remote

SMTP servers or check disk quota and usage.

enablediag

"admin". Provides several emergency options.

Centralized Management Cluster

clusterconfig

Create SSH or CSS clusters, add or remove single ESAs to or

from a cluster. Create and manage cluster groups. List

machines in cluster and view cluster and connection status.

clustercheck

Check configuration databases for inconsistencies and resolve

them if necessary.

Message Filter conditions (See “ESA Advanced Guide” for more info + examples)

subject

Tests subject against a RegExp.

body-size

Tests size of entire message in bytes.

mail-from

Tests envelope sender against a RegExp.

mail-from-group

Tests envelope sender against LDAP group.

sendergroup

Tests against a HAT sendergroup name.

rcpt-to

Tests envelope recipients against a RegExp.

rcpt-to-group

Tests envelope recipients with LDAP group.

remote-ip

Tests client IP for exact or IP range match.

recv-int

recv-listener

Matches mails received on the named

interface/listener.

date

Tests current date against value in US date

format: MM/DD/YYYY HH:MM:SS

header(<string>)

Tests the given header against a RegExp.

random(<integer>)

Compares a random integer to given value.

rcpt-count

Checks recipient count against value.

addr-count()

Compares recipient count from header (To:

and/or Cc:) against value.

spf-status

Checks the SPF status.

spf-passed

Checks if SPF verification was successful.

image-verdict

Scans attached images for category match.

workqueue-count

Checks number of mails in the workqueue.

body-contains(<regexp>)

Checks mail and attachments for a RegExp.

only-body-contains(<regexp>)

Checks message body for a RegExp.

encrypted

Tests if a message is S/MIME or PGP

encrypted.

attachment-filename

Tests a file name against a RegExp.

attachment-type

Checks for MIME file type by signature.

attachment-filetype

Matches a file type fingerprint (not MIME).

attachment-mimetype

Checks for MIME file type in MIME header.

attachment-protected

Looks for passworded/encrypted attachments.

attachment-unprotected

Looks for unprotected attachments.

attachment-contains()

Tests attachment for the given pattern.

attachment-binary-contains()

Tests raw binary attachment for pattern.

every-attachment-contains()

Tests every attachment of a message for a

given pattern.

attachment-size

Matches attachments by size in B, K or M.

dnslist(<server>)

Looks at server for a match in a DNSBL.

reputation

Compares sender's SB reputation to value.

no-reputation

True when SB reputation is “none”.

dictionary-match(<dict>)

Look in body for RegExp match from named

dictionary <dict>.

<position>-dictionary-

match(<dict>)

Looks in <position> of a message for a

RegExp match from the dictionary named

<dict>. <position> can be: subject,

mail-from, rcpt-to, attachment, body

header-dictionary-

match(<dict>, <header>)

Looks in header <header> for RegExp match

from dictionary named <dict>.

smtp-auth-id-matches(<header>

[, <sieve-char>])

Checks sender in envelope and mail header

(From: or Sender:) against the sender's SMTP

authentication user ID.

Message Filter conditions (See “ESA Advanced Guide” for more info + examples)

true

True is true and therefore matches all mails.

valid

Tests mail for complete MIME validity.

signed

Tests if the message is S/MIME signed.

signed-certificate(<field>

[<operator> <regexp>])

Checks S/MIME messages for <regexp>

matching or not matching (<operator>)

X.509 certificate issuer or signer (<field>).

Message Filter actions (See “ESA Advanced Guide” for more info + examples)

alt-src-host()

Deliver mail from this named interface.

alt-rcpt-to()

Change all recipients of a message.

alt-mailhost()

Deliver mail via alternate mail host.

notify()

notify-copy()

Notify specified recipient about a message (and

include a copy of the original message).

bcc()

bcc-scan()

Send a copy of this message to a new recipient.

Treat the copy like a new mail and scan again.

log-entry()

Add a log message at INFO level to mail logs.

quarantine(<name>)

Send this mail to the named quarantine.

archive(<filename>)

Save copy of the message in mbox format file.

duplicate-

quarantine(<name>)

Send copy of this mail to the named quarantine.

strip-header()

Look for a header and remove it.

insert-header()

Insert a header and its value into the mail.

add-footer(<footer>)

Add the footer named <footer> to the mail.

bounce-profile()

Apply a bounce profile to the mail.

encrypt-deferred()

Encrypt message before final delivery.

tag-message(<name>)

Add tag <name> for RSA DLS policy filtering.

skip-filters()

Skip all remaining message filters.

skip-spamcheck()

Skip all anti spam checks for this mail.

skip-viruscheck()

Skip all anti virus checks for this mail.

skip-vofcheck()

Skip all outbreak filters for this mail.

drop-attachments-by-name()

Drop all attachments with matching filename.

drop-attachments-by-type()

Drop all attachments with matching MIME type.

drop-attachments-by-

filetype()

Drop all attachments with matching file type

determined by type fingerprint.

drop-attachments-by-

mimetype()

Drop all attachments with matching MIME type.

Does not match on extension or scan archives.

drop-attachments-by-size()

Drop attachment by examining raw size.

drop-attachments-where-

contains(<regexp>)

Drop attachments that match a Regular

Expression. Also matches files in archives.

drop-attachments-where-

dictionary-match(<dict>)

Drop attachments that match a term in the

dictionary <dict>.

html-convert()

Strip all HTML tags from a message.

edit-header-text()

Substitute a matched RegExp within a header.

edit-body-text()

Substitute a matched RegExp within a body.

add-footer()

Add the named footer to the end of the mail.

deliver()

Deliver the message. Final action.

drop()

Drop the message. Final action.

bounce()

Bounce the message. Final action.

Message Filter example

drop_huge_presentations:

if (mail-from-group == "Sales") AND (attachment-filename ==

"(?i)\\.(ppt|pptx)$") AND (attachment-size >= 10M) {

drop-attachments-where-contains ("(?i)\\.(ppt|pptx)$", "Large

presentation dropped.");

}

Licensed under CC BY–NC–SA . Latest version of the sheet is available at http://bit.ly/ESAcli.

IronPort®, AsyncOS®, IOS® and SenderBase® are all registered trademarks of Cisco Systems, Inc.

1 2

▬▬▬▬▬▬▬▬ 1

Commentaires sur ces manuels

Pas de commentaire

Cisco C170 Manuel d'utilisateur Page 2

Commentaires sur ces manuels

Produits connexes et manuels pour Systèmes de contrôle d'accès de sécurité Cisco C170