Cisco Cisco Email Security Appliance C160 User Guide
1-45
Cisco IronPort AsyncOS 7.1 for Email Advanced Configuration Guide
OL-22164-02
Chapter 1 Customizing Listeners
If there is no specific entry for a given recipient domain in the good neighbor
table, or if there is a specific entry but there is no specific TLS setting for the
entry, then the behavior is whatever is set using the Destination Controls page or
the
table, or if there is a specific entry but there is no specific TLS setting for the
entry, then the behavior is whatever is set using the Destination Controls page or
the
destconfig -> default
subcommand (“No,” “Preferred,” “Required,”
“Preferred (Verify),” or “Required (Verify)”).
4. Preferred
(Verify)
(Verify)
TLS is negotiated from the IronPort appliance to the MTA(s)
for the domain. The appliance attempts to verify the domain’s
certificate.
for the domain. The appliance attempts to verify the domain’s
certificate.
Three outcomes are possible:
•
TLS is negotiated and the certificate is verified. The mail
is delivered via an encrypted session.
is delivered via an encrypted session.
•
TLS is negotiated, but the certificate is not verified. The
mail is delivered via an encrypted session.
mail is delivered via an encrypted session.
•
No TLS connection is made and, subsequently the
certificate is not verified. The email message is delivered
in plain text.
certificate is not verified. The email message is delivered
in plain text.
5. Required
(Verify)
(Verify)
TLS is negotiated from the IronPort appliance to the MTA(s)
for the domain. Verification of the domain’s certificate is
required.
for the domain. Verification of the domain’s certificate is
required.
Three outcomes are possible:
•
A TLS connection is negotiated and the certificate is
verified. The email message is delivered via an encrypted
session.
verified. The email message is delivered via an encrypted
session.
•
A TLS connection is negotiated but the certificate is not
verified by a trusted CA. The mail is not delivered.
verified by a trusted CA. The mail is not delivered.
•
A TLS connection is not negotiated. The mail is not
delivered.
delivered.
Table 1-7
TLS Settings for Delivery
TLS Setting
Meaning