Cisco Cisco Email Security Appliance X1070 Information Guide
How do I configure a relay host on the ESA for
outbound mail?
outbound mail?
Document ID: 118136
Contributed by Nasir Shakour and Stephan Bayer, Cisco TAC
Engineers.
Jul 31, 2014
Engineers.
Jul 31, 2014
Contents
Question:
Answer:
Two methods for setting up relay (outbound email):
1. use an existing Listener by adding an appropriate Sender Group and Mail Flow Policy.
Answer:
Two methods for setting up relay (outbound email):
1. use an existing Listener by adding an appropriate Sender Group and Mail Flow Policy.
2. Alternately, setup a new Listener
Question:
How do I configure a relay host on the ESA for outbound mail?
Answer:
The Cisco ESA appliance will not relay messages for hosts that are not configured in the relay list.
SMTP servers that allow relay by unspecified hosts are called Open Relay or insecure relay. A server that is
configured as an Open Relay is subject to use by those who would send spam messages through it, causing the
server IP address to appear on blacklists and have its messages rejected.
configured as an Open Relay is subject to use by those who would send spam messages through it, causing the
server IP address to appear on blacklists and have its messages rejected.
Two methods for setting up relay (outbound email):
1. use an existing Listener by adding an appropriate Sender Group and
Mail Flow Policy.
Mail Flow Policy.
First create a new Mail Flow Policy from the Mail Flow Policies page of the Mail Policies tab. You
can give it any name you want; the most common is RELAYED. The critical setting on this that the
'Connection Behavior' must be set to 'Relay'. You may want to make the other settings appropriately
generous for your outbound mail needs.
can give it any name you want; the most common is RELAYED. The critical setting on this that the
'Connection Behavior' must be set to 'Relay'. You may want to make the other settings appropriately
generous for your outbound mail needs.
•
Once the Mail Flow Policy is created, go to the HAT Overview page of the Mail Policies tab and
create a new Sender Group. You can give it any name you like; the most common is RELAYLIST.
From the Policy dropdown list, select your new Mail Flow Policy. Change the Order to 1; the first
match wins and we want to make sure your trusted hosts always match on this Sender Group. Then
click on 'Submit and Add Senders'. On this page, add the IP addresses of the machines you trust to
send outbound mail.
create a new Sender Group. You can give it any name you like; the most common is RELAYLIST.
From the Policy dropdown list, select your new Mail Flow Policy. Change the Order to 1; the first
match wins and we want to make sure your trusted hosts always match on this Sender Group. Then
click on 'Submit and Add Senders'. On this page, add the IP addresses of the machines you trust to
send outbound mail.
•