Guest

Preview Tool

Cisco Bug: CSCvv76993 - Trace tool not producing results consistent with actual test on ESA for content filter

Last Modified

Sep 18, 2020

Products (1)

  • Cisco Email Security Appliance

Known Affected Releases

13.5.2-032

Description (partial)

Symptom:
When testing the functionality of a content filter using the trace tool prior to putting a configuration in production, it was observed that a content filter for URL Reputation did not trigger on a malicious URL when there was no whitespace surrounding the URL. However, when changing the trace test to include whitespace in the message body with the URL, the content filter was triggered and the appropriate action was taken. When the test was performed on the actual ESA, the content filter was triggered both times for the malicious URL, regardless of whitespace in the email message.

Conditions:
The following must be in place:

- A content filter with the following conditions: url-reputation(-10.00, -6.00 , "", 1, 1):
- The content filter applied to a mail flow policy that is actively used for incoming mail
- The Trace tool must be used
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.