Force delivery of queued mail:

(Host_IronPort)> delivernow

Please choose an option for scheduling immediate delivery.
1. By recipient host
2. All messages
[1]> 2
Rescheduling all messages for immediate delivery.

Suspend a listener

If you want to temporarily stop receiving or sending messages, suspend the appropriate listener.

(Host_IronPort)> suspendlistener

Choose the listener(s) you wish to suspend.
Separate multiple entries with commas.
1. All
2. IncomingMail
3. OutboundMail
[1]> 2

Enter the number of seconds to wait before abruptly closing connections.
[30]>

Waiting for listeners to exit...
Receiving suspended for IncomingMail.

Note: be careful, this persists across reboots!

Resume a listener

If you have stopped a listener and want to restart it.

(Host_IronPort)> resumelistener

Choose the listener(s) you wish to resume.
Separate multiple entries with commas.
1. All
2. IncomingMail
3. OutboundMail
[1]> 2

Receiving resumed for IncomingMail.

Status

(Host_IronPort)> status

Enter "status detail" for more information.

Status as of:                  Thu Jun 18 12:47:47 2015 CEST
Up since:                      Mon Jun 10 08:43:36 2015 CEST (8d 4h 4m 11s)
Last counter reset:            Never
System status:                 Online
Oldest Message:                6 days 13 mins 3 secs
Feature - McAfee:              30 days
Feature - Sophos Anti-Virus:   30 days
Feature - Bounce Verification: Perpetual
Feature - Centralized Management: 215 days
Feature - IronPort Anti-Spam:  198 days
Feature - IronPort Email Encryption: 30 days
Feature - RSA Email Data Loss Prevention: 30 days
Feature - Incoming Mail Handling: Perpetual
Feature - Outbreak Filters:    30 days

Counters:                               Reset          Uptime        Lifetime
  Receiving
    Messages Received              54,491,021         264,615      54,491,021
    Recipients Received            59,018,184         296,556      59,018,184
  Rejection
    Rejected Recipients               597,041           1,091         597,041
    Dropped Messages                   42,275           2,120          42,275
  Queue
    Soft Bounced Events             1,858,032           6,044       1,858,032
  Completion
    Completed Recipients           58,973,872         293,040      58,973,872
  Current IDs
    Message ID (MID)                                                 55508420
    Injection Conn. ID (ICID)                                       169346250
    Delivery Conn. ID (DCID)                                         27473021

Gauges:                               Current
  Connections
    Current Inbound Conn.                   5
    Current Outbound Conn.                  2
  Queue
    Active Recipients                   1,387
    Messages In Work Queue                  0
    Messages In Quarantine                  0
    Kilobytes Used                     16,736
      Kilobytes In Quarantine               0
    Kilobytes Free                 34,586,272

Note: for more information (CPU usage per feature, ...), use the status detail command.

Appliance version

(Host_IronPort)> version

Current Version
===============
Product: Cisco IronPort C370 Messaging Gateway(tm) Appliance
Model: C370
Version: 7.6.1
Build Date: 2012-12-02
Install Date: 2013-01-22 15:49:22
Serial #: XXLLPPLLPPXHHYGTG
BIOS: 2.1.9C
RAID: 1.21.02-0528, 2.01.00, 1.02-014B
RAID Status: Optimal
RAID Type: 1
BMC: 1.85

Licenses

(Host_IronPort)> featurekey

Module                              Quantity   Remaining   Expiration Date
Centralized Management              2          215 days    Tue Jan 19 12:10:50 2016
IronPort Email Encryption           1          30 days     Dormant
IronPort Anti-Spam                  25000      198 days    Sat Jan  2 12:13:30 2016
Sophos Anti-Virus                   1          30 days     Dormant
Bounce Verification                 1          Perpetual   N/A
Incoming Mail Handling              1          Perpetual   N/A
Outbreak Filters                    1          30 days     Dormant
RSA Email Data Loss Prevention      1          30 days     Dormant
McAfee                              1          30 days     Dormant

Choose the operation you want to perform:
- ACTIVATE - Activate a (pending) key.
- CHECKNOW - Check now for new feature keys.
[]>

Listener configuration

(Host_IronPort)> listenerconfig

NOTICE: This configuration command has not yet been configured for the current cluster mode (Machine IronPort-Cluster).

What would you like to do?
1. Switch modes to edit at mode "Cluster Cluster_IronPort".
2. Start a new, empty configuration at the current mode (Machine IronPort).
3. Copy settings from another cluster mode to the current mode (Machine IronPort).
[1]> 1


Currently configured listeners:
1. Adm (on ADM) SMTP TCP Port 25 Private
2. From_Priv (on Virt3_Data1) SMTP TCP Port 25 Private
3. Into_Soc1 (on Virt2_Data1) SMTP TCP Port 25 Public
4. Into_Soc2 (on Virt1_Data1) SMTP TCP Port 25 Public

Choose the operation you want to perform:
- NEW - Create a new listener.
- EDIT - Modify a listener.
- DELETE - Remove a listener.
- SETUP - Change global settings.
- CLUSTERSET - Set how listeners are configured in a cluster.
- CLUSTERSHOW - Display how listeners are configured in a cluster.
[]>

Interface configuration

(Host_IronPort)> interfaceconfig


Currently configured interfaces:
1. ADM (192.168.1.1/24 on Management: IronPort-ADMIN)
2. Bounce (192.168.2.2/24 on Data 1: IronPort-BOUNCE)
3. Virt1_Data1 (192.168.3.3/24 on Data 1: priv.domain.com)
4. Virt2_Data1 (192.168.4.4/24 on Data 1: soc1.domain.com)
5. Virt3_Data1 (192.168.5.5/24 on Data 1: soc2.domain.com)

Choose the operation you want to perform:
- NEW - Create a new interface.
- EDIT - Modify an interface.
- GROUPS - Define interface groups.
- DELETE - Remove an interface.
[]>

SMTP routes

(Host_IronPort)> smtproutes

NOTICE: This configuration command has not yet been configured for the current cluster mode (Machine IronPort).

What would you like to do?
1. Switch modes to edit at mode "Cluster Cluster_IronPort".
2. Start a new, empty configuration at the current mode (Machine IronPort).
3. Copy settings from another cluster mode to the current mode (Machine IronPort).
[1]> 1


There are currently 20 routes configured.

Choose the operation you want to perform:
- NEW - Create a new route.
- EDIT - Edit destinations of an existing route.
- DELETE - Remove a route.
- PRINT - Display all routes.
- IMPORT - Import new routes from a file.
- EXPORT - Export all routes to a file.
- CLEAR - Remove all routes.
- CLUSTERSET - Set how SMTP routes are configured in a cluster.
- CLUSTERSHOW - Display how SMTP routes are configured in a cluster.
[]> print

domain1.com: 10.1.1.1
domain2.com: 10.2.2.2
domain3.fr: 10.3.3.3
domain4.com: 10.4.4.4



There are currently 4 routes configured.

Choose the operation you want to perform:
- NEW - Create a new route.
- EDIT - Edit destinations of an existing route.
- DELETE - Remove a route.
- PRINT - Display all routes.
- IMPORT - Import new routes from a file.
- EXPORT - Export all routes to a file.
- CLEAR - Remove all routes.
- CLUSTERSET - Set how SMTP routes are configured in a cluster.
- CLUSTERSHOW - Display how SMTP routes are configured in a cluster.
[]>

Backup by email

(Host_IronPort)> mailconfig

Please enter the email address to which you want to send the configuration file.
Separate multiple addresses with commas.
[]> adm@domain1.com

Do you want to mask the password? Files with masked passwords cannot be loaded using loadconfig command. [Y]>

The configuration file has been sent to adm@domain1.com.

Displaying filters

(Host_IronPort)> filters


Choose the operation you want to perform:
- NEW - Create a new filter.
- DELETE - Remove a filter.
- IMPORT - Import a filter script from a file.
- EXPORT - Export filters to a file
- MOVE - Move a filter to a different position.
- SET - Set a filter attribute.
- LIST - List the filters.
- DETAIL - Get detailed information on the filters.
- LOGCONFIG - Configure log subscriptions used by filters.
- ROLLOVERNOW - Roll over a filter log file.
- CLUSTERSET - Set how filters are configured in a cluster.
- CLUSTERSHOW - Display how filters are configured in a cluster.
[]> list

Num Active Valid Name
  1   N      Y   AltSrcInt
  2   Y      Y   Filter_Whitelist
  3   Y      Y   Antispoofing_Enveloppe
  4   Y      Y   Antispoofing_Header


Choose the operation you want to perform:
- NEW - Create a new filter.
- DELETE - Remove a filter.
- IMPORT - Import a filter script from a file.
- EXPORT - Export filters to a file
- MOVE - Move a filter to a different position.
- SET - Set a filter attribute.
- LIST - List the filters.
- DETAIL - Get detailed information on the filters.
- LOGCONFIG - Configure log subscriptions used by filters.
- ROLLOVERNOW - Roll over a filter log file.
- CLUSTERSET - Set how filters are configured in a cluster.
- CLUSTERSHOW - Display how filters are configured in a cluster.
[]>

tail

(Host_IronPort)> tail

This command is restricted to run in machine mode of the machine you are logged in to.  Do you want to switch to "Machine IronPort" mode? [Y]>

Currently configured logs:
    Log Name            Log Type                      Retrieval           Interval
 ---------------------------------------------------------------------------------
 1. antispam            Anti-Spam Logs                Manual Download     None
 2. antivirus           Anti-Virus Logs               Manual Download     None
 3. asarchive           Anti-Spam Archive             Manual Download     None
 4. authentication      Authentication Logs           Manual Download     None
 5. avarchive           Anti-Virus Archive            Manual Download     None
 6. bounces             Bounce Logs                   Manual Download     None
 7. encryption          Encryption Logs               Manual Download     None
 8. error_logs          IronPort Text Mail Logs       Manual Download     None
 9. euq_logs            Spam Quarantine Logs          Manual Download     None
10. euqgui_logs         Spam Quarantine GUI Logs      Manual Download     None
11. ftpd_logs           FTP Server Logs               Manual Download     None
12. gui_logs            HTTP Logs                     Manual Download     None
13. mail_logs           IronPort Text Mail Logs       Manual Download     None
14. repeng              Reputation Engine Logs        Manual Download     None
15. reportd_logs        Reporting Logs                Manual Download     None
16. reportqueryd_logs   Reporting Query Logs          Manual Download     None
17. scanning            Scanning Logs                 Manual Download     None
18. snmp_logs           SNMP Logs                     FTP Push - Host 192.168.6.6None
19. sntpd_logs          NTP logs                      Manual Download     None
20. status              Status Logs                   Manual Download     None
21. system_logs         System Logs                   Manual Download     None
22. trackerd_logs       Tracking Logs                 Manual Download     None
23. updater_logs        Updater Logs                  Manual Download     None
Enter the number of the log you wish to tail.
[]> 13

Press Ctrl-C to stop.
Thu Jun 18 12:51:42 2015 Info: MID 55508656 Message-ID '<7746D226-9967-4237-BB0A-D688888854CC@toto.com>'
Thu Jun 18 12:51:42 2015 Info: MID 55508656 Subject '=?iso-8859-1?Q?Retour
...'

grep

(Host_IronPort)> grep

Currently configured logs:
    Log Name            Log Type                      Retrieval           Interval
 ---------------------------------------------------------------------------------
 1. antispam            Anti-Spam Logs                Manual Download     None
 2. antivirus           Anti-Virus Logs               Manual Download     None
 3. asarchive           Anti-Spam Archive             Manual Download     None
 4. authentication      Authentication Logs           Manual Download     None
 5. avarchive           Anti-Virus Archive            Manual Download     None
 6. bounces             Bounce Logs                   Manual Download     None
 7. encryption          Encryption Logs               Manual Download     None
 8. error_logs          IronPort Text Mail Logs       Manual Download     None
 9. euq_logs            Spam Quarantine Logs          Manual Download     None
10. euqgui_logs         Spam Quarantine GUI Logs      Manual Download     None
11. ftpd_logs           FTP Server Logs               Manual Download     None
12. gui_logs            HTTP Logs                     Manual Download     None
13. mail_logs           IronPort Text Mail Logs       Manual Download     None
14. repeng              Reputation Engine Logs        Manual Download     None
15. reportd_logs        Reporting Logs                Manual Download     None
16. reportqueryd_logs   Reporting Query Logs          Manual Download     None
17. scanning            Scanning Logs                 Manual Download     None
18. snmp_logs           SNMP Logs                     FTP Push - Host 192.168.6.6None
19. sntpd_logs          NTP logs                      Manual Download     None
20. status              Status Logs                   Manual Download     None
21. system_logs         System Logs                   Manual Download     None
22. trackerd_logs       Tracking Logs                 Manual Download     None
23. updater_logs        Updater Logs                  Manual Download     None
Enter the number of the log you wish to grep.
[]> 13

Enter the regular expression to grep.
[]> domain12.fr

Do you want this search to be case insensitive? [Y]>

Do you want to tail the logs? [N]>

Do you want to paginate the output? [N]>

Define file selection pattern.
[]>

Wed May 20 03:41:46 2015 Info: MID 53722598 ICID 161154185 RID 0 To: <titi@domain12.fr>
Wed May 20 03:41:56 2015 Info: MID 53722599 ICID 161154212 RID 0 To: <toto@domain12.fr>
....

trace

(Host_IronPort)> trace

Enter the source IP:
[]> 8.8.8.8

Enter the fully qualified domain name of the source IP (If left blank, a reverse DNS lookup will be performed on the source IP. To clear the existing value, enter 'NONE'.):
[]>

Select the listener to trace behavior on:
1. Adm
2. Soc1
3. Soc2
4. Soc3
[1]> 3

Enter the domain name that has to be passed to HELO/EHLO.
[]> gmail.com

Fetching default SenderBase values...
Enter the SenderBase Network Owner ID of the source IP.  The actual ID is N/A.
[N/A]> 2

Enter the SenderBase Reputation Score of the source IP.  The actual score is N/A.
[N/A]> 2

Enter the Envelope Sender address:
[]> toto@gmail.com

Enter the Envelope Recipient addresses.  Separate multiple addresses by commas.
[]> test@domain1.com

Load message from disk? [Y]> n

Enter or paste the message body here. Enter '.' on a blank line to end.
test
.



Processing HAT (Listener: Soc1)
 - Fully Qualified Domain Name: google-public-dns-a.google.com
 - Matched On: CLEAN_REPUTATION Sender Group (host sbrs[-1.0:10.0])
 - Applying $ACCEPTED policy (ACCEPT behavior).

Policy Parameters:
 - Maximum Message Size:  20M (Default)
 - Maximum Number Of Connections From A Single IP:  10 (Default)
 - Maximum Number Of Messages Per Connection:  10 (Default)
 - Maximum Number Of Recipients Per Message:  50 (Default)
 - Maximum Recipients Per Hour:  Disabled (Default)
 - Use SenderBase For Flow Control:  Yes (Default)
 - Virus Detection Enabled:  Yes (Default)
 - Allow TLS Connections:  No (Default)
 - Accept Untagged bounces:  No

Processing MAIL FROM:
 - Default Domain Processing:  No Change

Processing Recipient List:
Processing test@domain1.com
 - Default Domain Processing:  No Change
 - Domain Map:  No Change
 - RAT matched on test@domain1.Com, behavior = REJECT

Run through another debug session? [N]>

Last admin logins

(Host_IronPort)> last

Username  Remote Host    Login Time        Logout Time       Total Time
========  =============  ================  ================  ==========
admin1     192.168.8.8    Thu Jun 18 12:20  still logged in   33m
admin2     192.168.9.9    Thu Jun 18 12:52  Thu Jun 18 12:53  0m

Reporting

(Host_IronPort)> tophosts

Sort results by:

1. Active Recipients
2. Connections Out
3. Delivered Recipients
4. Hard Bounced Recipients
5. Soft Bounced Events
[1]> 1

Status as of:                   Thu Jun 18 12:54:50 2015 CEST
Hosts marked with '*' were down as of the last delivery attempt.

                                 Active  Conn.     Deliv.       Soft       Hard
#   Recipient Host               Recip.    Out     Recip.    Bounced    Bounced

1   toto.fr                         145      0          0          0          0
2   aaa.id                          114      0          0          0          0
3   dddddddd.in                     110      0          0          0          0
4   eeeee.net                        43      0          0          0          0
5   zzzzz.vn                         36      0          0          0          0


6   deutschland.de                   34      0          0          0          0
7   zdzddzdzd.fr                     25      0          0          0          2
8   zdzdz.com                        23      0          0          0          0
9   static.com                       23      0          0          0          0
...

Status of a domain

(Host_IronPort)> hoststatus

Recipient host:
[]> gmail.com

Host mail status for: 'gmail.com'
Status as of:         Thu Jun 18 12:55:17 2015 CEST
Host up/down:         up

Counters:
  Queue
    Soft Bounced Events                       12
  Completion
    Completed Recipients                   1,503
      Hard Bounced Recipients                 64
        DNS Hard Bounces                       0
        5XX Hard Bounces                      64
        Filter Hard Bounces                    0
        Expired Hard Bounces                   0
        Other Hard Bounces                     0
      Delivered Recipients                 1,439
      Deleted Recipients                       0

Gauges:
  Queue
    Active Recipients                          0
      Unattempted Recipients                   0
      Attempted Recipients                     0
    Connections
      Current Outbound Connections             0
      Pending Outbound Connections             0

Oldest Message        No Messages
Last Activity         Thu Jun 18 12:55:02 2015 CEST
Ordered IP addresses: (expiring at Thu Jun 18 13:07:15 2015 CEST)
    Preference   IPs
    5            173.194.67.27

    10           64.233.162.27

    20           74.125.200.27

    30           74.125.23.27

    40           173.194.72.27

MX Records:
    Preference   TTL        Hostname
    5            11m57s     gmail-smtp-in.l.google.com
    10           11m57s     alt1.gmail-smtp-in.l.google.com
    20           11m57s     alt2.gmail-smtp-in.l.google.com
    30           11m57s     alt3.gmail-smtp-in.l.google.com
    40           11m57s     alt4.gmail-smtp-in.l.google.com

    Last 5XX Error:
    ----------
    550 5.1.1 The email account that you tried to reach does not exist. Please try
    ----------

SMTPPING

(Host_IronPort)> diagnostic


Choose the operation you want to perform:
- RAID - Disk Verify Utility.
- DISK_USAGE - Check Disk Usage.
- NETWORK - Network Utilities.
- REPORTING - Reporting Utilities.
- TRACKING - Tracking Utilities.
- RELOAD - Reset configuration to the initial manufacturer values.
[]> network

Choose the operation you want to perform:
- FLUSH - Flush all network related caches.
- ARPSHOW - Show system ARP cache.
- NDPSHOW - Show system NDP cache.
- SMTPPING - Test a remote SMTP server.
- TCPDUMP - Dump ethernet packets.
[]> smtpping

[]> 22.22.22.22

Select a network interface to use for the test.
1. ADM
2. Virt1_Data1
3. Virt2_Data1
4. auto
[6]> 2

Do you want to type in a test message to send?  If not, the connection will be tested but no email will be sent. [N]>

Starting SMTP test of host 22.22.22.22.
Connection to 22.22.22.22 succeeded.
Command HELO succeeded
Command MAIL FROM succeeded.
Test complete.  Total time elapsed 5.01 seconds

Choose the operation you want to perform:
- FLUSH - Flush all network related caches.
- ARPSHOW - Show system ARP cache.
- NDPSHOW - Show system NDP cache.
- SMTPPING - Test a remote SMTP server.
- TCPDUMP - Dump ethernet packets.
[]>

netstat

(Host_IronPort)> netstat

Choose the information you want to display:
1. List of active sockets.
2. State of network interfaces.
3. Contents of routing tables.
4. Size of the listen queues.
5. Packet traffic information.
[1]> 1

1. IPv4 only.
2. IPv6 only.
[1]> 1

Show network addresses as numbers? [N]> y

Avoid truncating addresses? [N]>

Internet connections (including servers)
Proto Recv-Q Send-Q  Local Address          Foreign Address        (state)
tcp4       0      0 192.168.2.2.25        62.210.13.31.50360     ESTABLISHED
tcp4       0      0 192.168.3.3.25        22.22.22.22.48835      ESTABLISHED

Disk usage

(Host_IronPort)> diagnostic

Choose the operation you want to perform:
- RAID - Disk Verify Utility.
- DISK_USAGE - Check Disk Usage.
- NETWORK - Network Utilities.
- REPORTING - Reporting Utilities.
- TRACKING - Tracking Utilities.
- RELOAD - Reset configuration to the initial manufacturer values.
[]> disk_usage


Services                      Disk Usage (GB)   Quota(GB)
----------------------------------------------------------
Spam Quarantine                       0.0           2.5
Reporting                             4.1          17.0
Tracking                              0.1          20.0
Total                                 4.2          39.5

Choose the operation you want to perform:
- RAID - Disk Verify Utility.
- DISK_USAGE - Check Disk Usage.
- NETWORK - Network Utilities.
- REPORTING - Reporting Utilities.
- TRACKING - Tracking Utilities.
- RELOAD - Reset configuration to the initial manufacturer values.
[]>

nslookup

(Host_IronPort)> nslookup

Please enter the host or IP address to resolve.
[]> www.free.fr

Choose the query type:
1. A       the host's IP address
2. AAAA    the host's IPv6 address
3. CNAME   the canonical name for an alias
4. MX      the mail exchanger
5. NS      the name server for the named zone
6. PTR     the hostname if the query is an Internet address,
           otherwise the pointer to other information
7. SOA     the domain's "start-of-authority" information
8. TXT     the text information
[1]> 1

A=212.27.48.10 TTL=4h 1m 1s

Live statistics for a domain

(Host_IronPort)> hostrate

Recipient host:
[]> free.fr

Enter the number of seconds between displays.
[10]> 3

Type Ctrl-C to return to the main prompt.

    Time      Host  CrtCncOut   ActvRcp ActvRcp  DlvRcp HrdBncRcp SftBncEvt
            Status                        Delta   Delta     Delta     Delta
08:51:07        up          3        41       0       0         0         0
08:51:10        up          3        44       3       0         0         0
08:51:13        up          3        45       1       0         0         0
08:51:16        up          3        47       2       1         0         0
08:51:19        up          3        47       0       0         0         0
^C

Mail in the work queue

(Host_IronPort)> workqueue status

Status as of:  Fri Jun 19 08:52:42 2015 CEST
Status:        Operational
Messages:      0

SenderBase status and information

(Host_IronPort)> sbstatus

SenderBase Host Status
Status as of:                    Fri Jun 19 08:52:27 2015 CEST
Host success/fail:               success

SBRS Status
Status as of:                    Fri Jun 19 08:52:27 2015 CEST
Host success/fail:               success

SenderBase Network Participation Status
Time of last SenderBase upload:  never

Live statistics on the work queue

(Host_IronPort)> workqueue rate

Type Ctrl-C to return to the main prompt.

Time      Pending    In   Out
08:53:28        0     0     0
08:53:38        0    11    11
08:53:48        0    10    10

DNS statistics

(Host_IronPort)> dnsstatus

Status as of: Fri Jun 19 08:54:42 2015 CEST

Counters:                    Reset          Uptime        Lifetime
  DNS Requests         467,385,596     467,182,112     467,385,596
  Network Requests      93,374,333      93,345,897      93,374,333
  Cache Hits           472,032,963     471,815,454     472,032,963
  Cache Misses          72,603,929      72,599,109      72,603,929
  Cache Exceptions     209,096,293     208,897,940     209,096,293
  Cache Expired         15,835,352      15,835,266      15,835,352

Show messages in the queue

(Host_IronPort)> showrecipients

Please select how you would like to show messages:
1. By recipient host.
2. By Envelope From address.
3. All.
[1]> 3

Showing messages, please wait..

MID/     Bytes/    Sender/                 Subject
[RID]    [Atmps]   Recipient
56155715 1848                              Delivery Status Notification (Failure)
[0]      [49]      zezezezezez@doma1.com

56164658 1850                               (Failure)
[0]      [48]      zezsdfsdgdfg@sdqsd.com

Show a message by its MID

(Host_IronPort)> showmessage

Enter the MID to show.
[]> 56345400

MID 56345400: 39 secs old


From unknown Fri Jun 19 14:57:25 2015
Received: from localhost by ;
...

Search for a message

(Host_IronPort)> findevent

Please choose which type of search you want to perform:
1. Search by envelope FROM
2. Search by Message ID
3. Search by Subject
4. Search by envelope TO
[1]> 2

Enter the Message ID (MID) to search for.
[]> 56345398

Currently configured logs:
    Log Name            Log Type                      Retrieval           Interval
 ---------------------------------------------------------------------------------
 1. mail_logs           IronPort Text Mail Logs       Manual Download     None
Enter the number of the log you wish to use for message tracking.
[1]>

Please choose which set of logs to search:
1. All available log files
2. Select log files by date list
3. Current log file
[3]> 3

Fri Jun 19 14:57:17 2015 Info: New SMTP ICID 171520023 interface Virt1_Data1 (192.168.18.9) address 189.2.98.232 reverse dns host mail.domain.net verified yes
Fri Jun 19 14:57:17 2015 Info: ICID 171520023 ACCEPT SG SUSPECT_and_UNKNOWN_LIST match sbrs[none] SBRS unable to retrieve
Fri Jun 19 14:57:22 2015 Info: Start MID 56345398 ICID 171520023
Fri Jun 19 14:57:22 2015 Info: MID 56345398 ICID 171520023 From: <user1@titi.fr>
Fri Jun 19 14:57:22 2015 Info: MID 56345398 ICID 171520023 RID 0 To: <user2@soc1.fr>
Fri Jun 19 14:57:22 2015 Info: MID 56345398 Message-ID '<kLko0Nzg0MzA4NQA@domain88.com>'
Fri Jun 19 14:57:22 2015 Info: MID 56345398 Subject "Coucou IronPort"
Fri Jun 19 14:57:22 2015 Info: MID 56345398 ready 3165 bytes from <user1@titi.fr>
Fri Jun 19 14:57:22 2015 Info: MID 56345398 matched all recipients for per-recipient policy DEFAULT in the inbound table
Fri Jun 19 14:57:22 2015 Info: MID 56345398 queued for delivery
Fri Jun 19 14:57:22 2015 Info: ICID 171520023 close
Fri Jun 19 14:57:10 2015 Info: New SMTP DCID 27801964 interface 192.168.180.2 address 10.10.10.10 port 25
Fri Jun 19 14:57:25 2015 Info: Delivery start DCID 27801964 MID 56345398 to RID [0]
Fri Jun 19 14:57:25 2015 Info: Message done DCID 27801964 MID 56345398 to RID [0]
Fri Jun 19 14:57:25 2015 Info: MID 56345398 RID [0] Response '2.6.0  <kLko0Nzg0MzA4NQA@domain88.com> Queued mail for delivery'
Fri Jun 19 14:57:25 2015 Info: Message finished MID 56345398 done
Fri Jun 19 14:57:31 2015 Info: DCID 27801964 close
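
The ICID -> MID -> DCID chain that findevent prints above can also be rebuilt offline from an exported mail_logs file, which helps when tracing a suspicious message back to its source IP and sender group. The Python below is an added example, not part of the original cheat sheet or of Cisco's tooling; its regular expressions are derived only from the log lines shown on this page, and the function and field names (trace_message, seconds_in_appliance, ...) are hypothetical.

```python
import re
from datetime import datetime

# Log lines copied from the findevent output above (MID 56345398), a few omitted.
SAMPLE_LOG = """\
Fri Jun 19 14:57:17 2015 Info: New SMTP ICID 171520023 interface Virt1_Data1 (192.168.18.9) address 189.2.98.232 reverse dns host mail.domain.net verified yes
Fri Jun 19 14:57:17 2015 Info: ICID 171520023 ACCEPT SG SUSPECT_and_UNKNOWN_LIST match sbrs[none] SBRS unable to retrieve
Fri Jun 19 14:57:22 2015 Info: Start MID 56345398 ICID 171520023
Fri Jun 19 14:57:22 2015 Info: MID 56345398 ICID 171520023 From: <user1@titi.fr>
Fri Jun 19 14:57:22 2015 Info: MID 56345398 ICID 171520023 RID 0 To: <user2@soc1.fr>
Fri Jun 19 14:57:22 2015 Info: MID 56345398 Subject "Coucou IronPort"
Fri Jun 19 14:57:22 2015 Info: MID 56345398 queued for delivery
Fri Jun 19 14:57:10 2015 Info: New SMTP DCID 27801964 interface 192.168.180.2 address 10.10.10.10 port 25
Fri Jun 19 14:57:25 2015 Info: Delivery start DCID 27801964 MID 56345398 to RID [0]
Fri Jun 19 14:57:25 2015 Info: MID 56345398 RID [0] Response '2.6.0  <kLko0Nzg0MzA4NQA@domain88.com> Queued mail for delivery'
Fri Jun 19 14:57:25 2015 Info: Message finished MID 56345398 done
"""

STAMP = "%a %b %d %H:%M:%S %Y"
LINE = re.compile(r"^(\w{3} \w{3} [ \d]\d \d\d:\d\d:\d\d \d{4}) \w+: (.*)$")

# Patterns derived only from the sample lines on this page (assumption:
# other AsyncOS versions may word these events differently).
PATTERNS = {
    "icid_open": r"New SMTP ICID (?P<icid>\d+) interface (?P<iface>\S+) \(\S+\) "
                 r"address (?P<src>\S+) reverse dns host (?P<rdns>\S+) verified (?P<verified>\w+)",
    "hat": r"ICID (?P<icid>\d+) (?P<action>ACCEPT|RELAY|REJECT|TCPREFUSE) SG (?P<group>\S+)",
    "start": r"Start MID (?P<mid>\d+) ICID (?P<icid>\d+)",
    "from": r"MID (?P<mid>\d+) ICID \d+ From: <(?P<addr>[^>]*)>",
    "to": r"MID (?P<mid>\d+) ICID \d+ RID \d+ To: <(?P<addr>[^>]*)>",
    "subject": r"MID (?P<mid>\d+) Subject (?P<subject>.*)",
    "dcid_open": r"New SMTP DCID (?P<dcid>\d+) interface \S+ address (?P<dst>\S+) port \d+",
    "deliver": r"Delivery start DCID (?P<dcid>\d+) MID (?P<mid>\d+) to RID",
    "response": r"MID (?P<mid>\d+) RID \[\d+\] Response '(?P<resp>.*)'",
    "finished": r"Message finished MID (?P<mid>\d+) done",
}
COMPILED = [(name, re.compile(rx)) for name, rx in PATTERNS.items()]


def parse(lines):
    """Yield (timestamp, event, fields) for each recognised mail_logs line."""
    for raw in lines:
        m = LINE.match(raw.strip())
        if not m:
            continue
        when = datetime.strptime(m.group(1), STAMP)
        for name, rx in COMPILED:
            hit = rx.match(m.group(2))
            if hit:
                yield when, name, hit.groupdict()
                break


def trace_message(lines, mid):
    """Rebuild one message's path: injection (ICID) -> MID -> delivery (DCID)."""
    inbound, outbound = {}, {}  # connection tables keyed by ICID / DCID
    msg = {"mid": mid, "recipients": [], "responses": []}
    for when, event, f in parse(lines):
        if event == "icid_open":
            inbound.setdefault(f["icid"], {}).update(
                src=f["src"], rdns=f["rdns"], rdns_verified=f["verified"] == "yes")
        elif event == "hat":
            inbound.setdefault(f["icid"], {}).update(
                hat_action=f["action"], sender_group=f["group"])
        elif event == "dcid_open":
            outbound[f["dcid"]] = f["dst"]
        elif f.get("mid") != mid:
            continue  # event belongs to another message
        elif event == "start":
            msg.update(icid=f["icid"], received=when)
        elif event == "from":
            msg["sender"] = f["addr"]
        elif event == "to":
            msg["recipients"].append(f["addr"])
        elif event == "subject":
            msg["subject"] = f["subject"].strip("\"'")
        elif event == "deliver":
            msg["dcid"] = f["dcid"]
        elif event == "response":
            msg["responses"].append(f["resp"])
        elif event == "finished":
            msg["finished"] = when
    # Connection lines may be logged out of order (the DCID line above is
    # stamped earlier than the ICID line), so resolve them after the pass.
    msg.update(inbound.get(msg.get("icid"), {}))
    msg["delivered_to"] = outbound.get(msg.get("dcid"))
    if "received" in msg and "finished" in msg:
        msg["seconds_in_appliance"] = int(
            (msg["finished"] - msg["received"]).total_seconds())
    return msg


if __name__ == "__main__":
    for key, value in trace_message(SAMPLE_LOG.splitlines(), "56345398").items():
        print(f"{key:22} {value}")
```
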

Hardware information

> ipcheck

  Ipcheck Rev           1
  Date                  Thu Jul 14 10:00:03 2015
  Model                 C370
  Platform              R710 (80AE)
  LCD Setting           custom
  LCD Text              Cisco IronPort C370
  MGA Version           Version: 7.5.1-111
  Build Date            2012-11-02
  Install Date          2012-11-22 15:49:22
  Burn-in Date          Unknown
  Serial No.            76A43456B789-G78917Y
  BIOS Version          2.2.17C
  RAID Version          1.21.02-0528, 2.01.03, 1.02-012B
  RAID Status           Optimal
  RAID Type             1
  RAID Chunk            Unknown
  BMC Version           1.85

  Disk 0                278GB     SEAGATE ST3300657SS     ES656DE6339K
  Disk 1                278GB     SEAGATE ST3300657SS     ES656DE33BQC
  Disk 2
  Disk 3
  Disk 4
  Disk 5
  Disk 6
  Disk 7
  Disk Total            556GB

  Root                  400MB 45%
  Nextroot              400MB 44%
  Var                   400MB 1%
  Log                   222GB 6%
  DB                    12GB 0%
  Swap                  8GB
  Mail Queue            35GB

  RAM 1 A               Empty
  RAM 1 B               Empty
  RAM 2 A               2048M ECC 1333MHz
  RAM 2 B               Empty
  RAM 3 A               2048M ECC 1333MHz
  RAM 3 B               Empty
  RAM 4 A               Empty
  RAM 4 B               Empty
  RAM 5 A               2048M ECC 1333MHz
  RAM 5 B               Empty
  RAM 6 A               2048M ECC 1333MHz
  RAM 6 B               Empty
  RAM 7 A               Empty
  RAM 7 B               Empty
  RAM 8 A               Empty
  RAM 8 B               Empty
  RAM 9 A               Empty
  RAM 9 B               Empty
  RAM Total             8G

  CPU 1                 Xeon 2G 4800FSB 1M Cache
  CPU 2                 Empty

  PCI 1                 PCI-e g2 x8, 4x Empty
  PCI 2                 PCI-e g2 x8, 4x Empty
  PCI 3                 PCI-e g2 8x Empty
  PCI 4                 PCI-e g2 8x Empty

  NIC Management        84:2b:2b:89:ab:22, NetXtreme II Gigabit Ethernet (BCM5709)
  NIC Data 1            84:2b:2b:89:ab:24, NetXtreme II Gigabit Ethernet (BCM5709)
  NIC Data 2            84:2b:2b:89:ab:26, NetXtreme II Gigabit Ethernet (BCM5709)
  NIC Data 3            84:2b:2b:89:ab:28, NetXtreme II Gigabit Ethernet (BCM5709)

  PS1                   Unknown
  PS2                   Unknown

  Key                   999day, IronPort Anti-Spam
  Key                   999day, Central Mgmt
  Key                   999day, IronPort Email Encryption
  Key                   999day, McAfee
  Key                   999day, Outbreak Filters
  Key                   999day, RSA Email Data Loss Prevention
  Key                   999day, Sophos
  Key                   Perpetua, Bounce Verification
  Key                   Perpetua, Receiving

Credits

# credits
         CREDITS
===========================
This product proudly hand crafted by...
Lou "Has a kid" Zechtzer
Rich "Lord of Evil" Fielder
David Veach
Ben "Tamino" Cottrell
Martin "kemokid" Baker
Jeremy "FIPS" Felix
Drue Loewenstern
Krishna "Saint" Srinivasan
Sam "Edgar the Bug" Rushing
Bennett "You have a call" Ting
Eric "ListBot" Huss
James "Nightfall" Moore
Jesse Montrose
Andrew "Judge and Jury" Flury
Larry Rosenstein
Jan "chemosabe" Lindner
Lonhyn Jasinskyj
Katy "dakini" Burns
Michael "Pryankster" Cuddy
Naseem "Crystal Meth Chef" Choudhury
Brian "q" Harrison
Charlie Slater
Scott "S." Hutton
Nachiket "Peppersteak" Bahekar
Brennan Evans
Bernie "Milkshake" Hackett
Ben "Tsutomu" Hartwell
Gabe "DJ Malloc" Mahoney
...Paul
Mark Peek

Appendix:

Cheat Sheet IronPort ESA CLI by Jens Roesen