Cisco Bug: CSCul55090 - SPF-status in content filter only matches on PRA identity: Update Guide!
Jun 07, 2020
- Cisco Email Security Appliance
Known Affected Releases
7.6.3-019 8.0.1-000 8.5.0-000
Symptom: The advanced user guide in chapter "Email Authentication" does not state that the Content Filter Condition "SPF-Status" only checks the PRA identity. This needs to be added in the that chapter as customers are not aware of that which causes confusion and unnecessary support cases. Conditions: SPF verification is enabled for all incoming messages on Cisco IronPort Mail Flow Policies. A content filter exists which will quarantine or drop the messages if SPF-Verification fails: SPF-Verification spf-status == "fail" Action: 'Quarantine' mail_log or message tracking shows the following details: Thu Aug 20 17:27:37 2009 Info: MID 6153849 SPF: helo identity postmaster@example None Thu Aug 20 17:27:37 2009 Info: MID 6153849 SPF: mailfrom identity email@example.com Fail (v=spf1) Thu Aug 20 17:28:15 2009 Info: MID 6153849 SPF: pra identity firstname.lastname@example.org None headers from Thu Aug 20 17:28:15 2009 Info: MID 6153849 ready 197 bytes from <email@example.com> However, message is processed and delivered normally.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases