Cisco's IronPort spam filter screens and quarantines suspicious email messages before they reach your Exchange inbox. Filtered messages include marketing emails, spam and newsletters.
IronPort works in the background with little or no user maintenance required. Several times per week, a quarantine notification listing the captured messages is sent to your inbox.
Occasionally, IronPort does not catch a spam message. Follow these instructions to report to Cisco.
Do nothing. The captured messages are deleted after 14 days.
Release a message back to the inbox. This is a one-time event; subsequent emails from the same address will continue to be quarantined. Click the Release link from the quarantine message or log in to http://ironport.ecu.edu to choose an action from the drop-down menu.
Add an address to the Safelist. Log in to the IronPort page to add one or more addresses to the Safelist. Messages with an address on the Safelist will not be quarantined again, but will go directly to your inbox.
Add an address to the Blocklist. To permanently block a marketing email, first copy the address. From the Options drop-down menu (upper right of the screen), chooseBlocklist. Paste the address into the text block and click Add to List. Messages from this address will never post in your inbox again.
Unsubscribe to the newsletter. Most unsubscribe links are at the bottom of a marketing email. Release a quarantined message, open it and click the unsubscribe link found at the bottom of the message.
Open this printable pdf tutorial on managing quarantined emails.
Occasionally, a malicious email is not caught by IronPort. Report this message to the Enterprise Applications team:
See this video how-to for a demonstration.
*Don't See These Addresses? It may be time to update your Outlook Address Book:
A spam email doesn't ask for any action on your part. Most of the time, spam emails are advertisements. However, a phishing email will always request some action on your part to trick you into giving up your credentials. Phishing emails are, by far, more of a security risk and need to be reported quickly.