Alert Delivery

Because alert messages can be used to inform you of problems within your Cisco Content Security appliance, they are not sent using AsyncOS’s normal mail delivery system. Instead, alert messages pass through a separate and parallel email system designed to operate even in the face of significant system failure in AsyncOS.

The alert mail system does not share the same configuration as AsyncOS, which means that alert messages may behave slightly differently from other mail delivery:

  • Alert messages are delivered using standard DNS MX and A record lookups.

    • They do cache the DNS entries for 30 minutes and the cache is refreshed every 30 minutes, so in case of DNS failure the alerts still go out.

  • If your deployment includes Email Security appliances:

    • Alert messages do not pass through the work queue, so they are not scanned for viruses or spam. They are also not subjected to message filters or content filters.

    • Alert messages do not pass through the delivery queue, so they will not be affected by bounce profiles or destination control limits.

  • [Optional - Only if TLS support is enabled in "alertconfig" and FQDN validation enabled in SSL Configuration settings]: Check whether the 'Common Name,' 'SAN: DNS Name' fields, or both present in the server certificate, are in the FQDN format.

  • [Optional - Only if TLS support is enabled in "alertconfig"]: Check whether the 'Common Name,' or 'SAN: DNS Name' fields, of the server certificate contain Hostname of the server. Reverse DNS name is used if IP is configured in Hostname field.

  • [Optional - Only if TLS support is enabled using the alertconfig CLI command]: Check whether the server name is present in the 'Common Name' or 'SAN: DNS Name' fields in the server certificate.

  • [Optional - Only if TLS support is enabled using the alertconfig CLI command and X 509 validation is enabled on the SSL Configuration page]: Check the server certificate version.