Cisco Cisco Email Security Appliance X1070 Troubleshooting Guide
How do I configure my Cisco Email Security
Appliance (ESA) to query public DNS−based Block
Lists (DNSBL)?
Appliance (ESA) to query public DNS−based Block
Lists (DNSBL)?
Document ID: 118238
Contributed by Jerry Orona and Stephan Bayer, Cisco TAC Engineers.
Aug 12, 2014
Aug 12, 2014
Contents
Blacklists or DNS−based Block Lists (DNSBL) are lists of IP addresses used by known spammers. With
AsyncOS for Email, you have the ability in a listener's HAT to define a sender group as matching a query to a
specific DNS List server. The query is performed via DNS at the time of the remote client's connection.
AsyncOS for Email, you have the ability in a listener's HAT to define a sender group as matching a query to a
specific DNS List server. The query is performed via DNS at the time of the remote client's connection.
The ability to query a remote list also exists currently as a message filter rule
(see "DNS List Rule" in the AsyncOS Advanced Configuration Guide), but only once the message content has
been received in full.)
been received in full.)
This mechanism allows you to configure a sender within a group that queries a DNS List so that you can
adjust your mail flow policies accordingly. For example, you could reject connections or limit the behavior of
the connecting domain.
adjust your mail flow policies accordingly. For example, you could reject connections or limit the behavior of
the connecting domain.
The 'dnslist' mechanism(in each Sender Groups' settings page) allows you to add a sender within a Sender
Group that will query a DNS List.
Group that will query a DNS List.
Note: Be sure to include brackets in the query in the CLI. Brackets are not necessary when specifying a DNS
List query in the GUI. Use the 'dnslistconfig' command in the CLI to test a query, configure general settings
for DNL queries, or flush the current DNS list cache.
List query in the GUI. Use the 'dnslistconfig' command in the CLI to test a query, configure general settings
for DNL queries, or flush the current DNS list cache.
Updated: Aug 12, 2014
Document ID: 118238