Cisco Cisco Email Security Appliance C160 Betriebsanweisung
21-32
User Guide for AsyncOS 9.7 for Cisco Email Security Appliances
Chapter 21 Email Authentication
DMARC Verification
Step 2
Create an
spf-status
content filter for each type of SPF/SIDF verification. Use a naming convention to
indicate the type of verification. For example, use “SPF-Passed” for messages that pass SPF/SIDF
verification, or “SPF-TempErr” for messages that weren’t passed due to a transient error during
verification. For information about creating an
verification, or “SPF-TempErr” for messages that weren’t passed due to a transient error during
verification. For information about creating an
spf-status
content filter, see
.
Step 3
After you have processed a number of SPF/SIDF verified messages, click Monitor > Content Filters to
see how many messages triggered each of the SPF/SIDF verified content filters.
see how many messages triggered each of the SPF/SIDF verified content filters.
Greater Granularity Test of SPF/SIDF Results
For more comprehensive information about SPF/SIDF verification results, only enable SPF/SIDF
verification for specific groups of senders, and review the results for those specific senders. Then, create
a mail policy for that particular group and enable SPF/SIDF verification on the mail policy. Create
content filters and review the Content Filters report as explained in
verification for specific groups of senders, and review the results for those specific senders. Then, create
a mail policy for that particular group and enable SPF/SIDF verification on the mail policy. Create
content filters and review the Content Filters report as explained in
. If you find that the verification is effective, then you can use SPF/SIDF verification
as a basis for deciding whether to drop or bounce emails for this specified group of senders.
Procedure
Step 1
Create a mail flow policy for SPF/SIDF verification. Enable SPF/SIDF verification for the mail flow
policy on an incoming listener. For information about enabling SPF/SIDF, see
policy on an incoming listener. For information about enabling SPF/SIDF, see
Step 2
Create a sender group for SPF/SIDF verification and use a naming convention to indicate SPF/SIDF
verification. For information about creating sender groups, see the “Configuring the Gateway to Receive
Mail” chapter.
verification. For information about creating sender groups, see the “Configuring the Gateway to Receive
Mail” chapter.
Step 3
Create an
spf-status
content filter for each type of SPF/SIDF verification. Use a naming convention to
indicate the type of verification. For example, use “SPF-Passed” for messages that pass SPF/SIDF
verification, or “SPF-TempErr” for messages that weren’t passed due to a transient error during
verification. For information about creating an
verification, or “SPF-TempErr” for messages that weren’t passed due to a transient error during
verification. For information about creating an
spf-status
content filter, see
.
Step 4
After you process a number of SPF/SIDF-verified messages, click Monitor > Content Filters to see how
many messages triggered each of the SPF/SIDF-verified content filters.
many messages triggered each of the SPF/SIDF-verified content filters.
DMARC Verification
Domain-based Message Authentication, Reporting and Conformance (DMARC) is a technical
specification created to reduce the potential for email-based abuse. DMARC standardizes how email
receivers perform email authentication using SPF and DKIM mechanisms. To pass DMARC verification,
an email must pass at least one of these authentication mechanisms, and the Authentication Identifiers
must comply with RFC 5322.
specification created to reduce the potential for email-based abuse. DMARC standardizes how email
receivers perform email authentication using SPF and DKIM mechanisms. To pass DMARC verification,
an email must pass at least one of these authentication mechanisms, and the Authentication Identifiers
must comply with RFC 5322.
The Email Security appliance allows you to:
•
Verify incoming emails using DMARC.
•
Define profiles to override (accept, quarantine, or reject) domain owners’ policies.