Guest

Preview Tool

Cisco Bug: CSCvs28187 - ENH Request: option to bypass SBRS reject based on envelope sender

Last Modified

Dec 20, 2019

Products (1)

  • Cisco Email Security Appliance

Known Affected Releases

12.5.0-066

Description (partial)

Symptom:
We have industrial customers who have legitimate correspondents who
sometimes, by their domain name, use email relays blacklisted by the SBRS
reputation filter, these relays are often different or are part of subnets
completely blacklisted.

Also it is difficult for us to remain the guarantor of the security of our
customers if we simply whitelist these addresses, without applying some
additional compliance rules.

Since the reputation filter only takes into account IP addresses or FQDNs,
the filter can not be bypassed according to the envelope address of the
transmitter, regardless of its IP address.

The behavior would be that the issuer is whitelisted although the message is
issued from an ip address or a FQDN blacklisted.

Continue to first giving a score of reputation at the SMTP connection but
before rejecting the mail, if you can read the SMTP HEADER to retrieve the
envelope address of the message,  Just implement an optional exception
address list (to activate or not) for email addresses or email domains to
bypass rejecting the email

Conditions:
The behavior would be that the issuer is whitelisted although the message is
issued from an ip address or a FQDN blacklisted.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.