Graymail Detection and Safe Unsubscribing Functionality

Introduction

This document describes how the Graymail Detection and Safe Unsubscribing feature works on the Cisco Email Security Appliance (ESA).

Prerequisites

Requirements

There are no specific requirements for this document.

Components Used

This document is not restricted to specific software and hardware versions.

The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command.

Graymail Detection and Safe Unsubscribing Functionality

During the Graymail Safe Unsubscribe process, there are times when an end-user will see a notice in their local web browser. If you want to check the status of your request at a later point, use this link. For future reference, you can bookmark this link similar to this:

This is the link shown in the example above:

http://184.94.241.137/us/status/1FOzUokNiIjWGPWfd56V8fUtDNzv_yVD9tB8h7bfo9rHKd9Z1mdbTEwEPwx2YmDBn1mYXQIh39_wEhpd9hcS3yzaAwogfuxcPzn8wvscfWrSd-NjGddCnCiCwBg8xDlHGRVQF5wXU8_8515PBsTAN1EmEOUE7YQGRvMoXA9mEQzR5n1jPBLfabt469Fzu2Ul__TpLvlHxP1E7ZgK_wyxH92IbRNU9wur957bXQ5-Wi8c2-8HtlsHLY2n9ZlzSB4mPznD-yAUVJrQ1D8V-ya0iZKHfk1tAdSBbk70xh7dMMHFpCMw9SzwDkKBhwX2o4JxKEyhT_Sj3GUPu7iePXglUHHfWoplE-yHYHfDWjQwffB0vfyKaVnbZw--S005mmacTLiBiKDkL5VdcCkxHywLVtrla36_qaxaKAR4xaduM390oCY8ABEfs_-2ltw7L7I4cmzKHr9gWdVKuX-BhQ5QR2R5YTznH4gI0D1sF3ueve7jnt50YC6uL6R6tOmMaCe8N3FGexiVkBKntd5LNG5pVpQaO28lU_ejq73YXHYH_urfup-X3eZoF0LSnzKhoThMxrv23jaLp5MWxAw-_NrGHQA/l88%3Amailto%3Aunsub-33334600008-echo3-64973c97bd6cc3e865982081e38e8d4d%40listunsub.bluehornet.come

If the unsubscribe service is not able to complete the unsubscribe request in real-time, this link is provided as a status link to allow the end-user to check the status of the unsubscribe request at a later time. 

The link directs to safe-unsubscribe.cisco.com (184.94.241.137), which is a pointer for an Akami hosted IP address:

$ dig safe-unsubscribe.cisco.com +short
safe-unsubscribe.ncs-cisco.com.akadns.net.
184.94.241.137

The safe-unsubscribe service is currently mapped to one of these IPs:

• 184.94.241.137
• 208.90.58.189

It is also possible that the end-user will have the link re-written by the URL Rewriting (Virus Outbreak) through the Security Proxy, and the URL will show first redirecting to the domain secure-web.cisco.com (184.94.240.100), which then redirects to safe-unsubscribe.cisco.com. This is also a pointer for an Akami hosted IP address:

$ dig secure-web.cisco.com +short
secure-web.harpe-cisco.com.akadns.net.
184.94.240.100

The original Graymail unsubscribe request is tied to the datacenter that it is initially processed through. The status request therefore must be sent to the same data center as the initial request.

Both services, Graymail Safe Unsubscrive and the Security Proxy are hosted in two separate data centers. These are load balanced via Domain Name System (DNS) for redundancy and high-availability

If customer asks to change the IP address with domain name, it cannot be achieved. The claim of having domain name instead of IP address cannot be fulfilled.

To have the service function via IP address and not hostname in the URL does not present any functional impact to Graymail or safe-unsubscription.