Trial Mode (BCC)
For this message source setting, a copy of message traffic is received via an SMTP relay from a SEG. Traffic is analyzed and marked with delivery actions, but messages are not delivered to user mailboxes. You will have defined the IP addresses you expect email from in the initial Secure Email Threat Defense setup.
To enable Secure Email Threat Defense to receive incoming email BCC-ed from your existing SEG/MTA, complete the following steps. The exact steps will vary depending on your setup.
-
Set up connection limits for all connections made to Secure Email Threat Defense:
-
Messages are accepted over TLS 1.2 only
-
Maximum messages per connection is 10
-
When your message source receives an error when sending BCC traffic to Secure Email Threat Defense, it should not bounce the email back to the sender.
-
-
For Secure Email Threat Defense to be able to process BCC messages, a set of headers need to be present in the emails. Add the following headers:
-
X-CSE-ClientIP- IP of the sender (Sending MTA) who sent the mail to the SEG/MTA -
X-CSE-MailFrom- The "mail from" address -
X-CSE-RcptTo- The "rcpt to" addresses -
X-CSE-MsgDirection- "Incoming"
-
-
Configure the email address to BCC emails to Secure Email Threat Defense. The BCC email address takes the following format:
<tenant_id>@inbound-bcc-domain
where tenant_id is the Secure Email Threat Defense tenant id of the customer and inbound-bcc-domain is one of the following based on the region:
Table 1. Inbound BCC Domains
| Region/Environment | DNS Record |
|---|---|
| North America | bcc-in.us.etd.cisco.com |
| Europe | bcc-in.eu.etd.cisco.com |
| India | bcc-in.ap.etd.cisco.com |
| Australia | bcc-in.au.etd.cisco.com |
| United Arab Emirates | bcc-in.ae.etd.cisco.com |
| Beta | bcc-in.beta.etd.cisco.com |