Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
Chapter 5 Email Authentication
5-22
Cisco IronPort AsyncOS 7.5 for Email Advanced Configuration Guide
OL-25137-01
Step 4
If the checks all pass, AsyncOS returns a pass.
Note
When the message body is greater than the specified length, AsyncOS returns the
following verdict:
following verdict:
dkim = pass (partially verified [x bytes])
where X represents the number of bytes verified.
The final verification result is entered as an Authentication-Results header. For
example, you might get a header that looks like one of the following:
example, you might get a header that looks like one of the following:
Authentication-Results: example1.com
header.from=From:user123@example.com; dkim=pass (signature
verified)
Authentication-Results: example1.com
header.from=From:user123@example.com; dkim=pass (partially
verified [1000 bytes])
Authentication-Results: example1.com
header.from=From:user123@example.com; dkim=permfail (body hash
did not verify)
Note
Current DKIM verification stops at the first valid signature. It is not possible to
verify using the last signature encountered. This functionality may be available in
a later release.
verify using the last signature encountered. This functionality may be available in
a later release.
Configuring DKIM Verification on the MailFlow Policy
DKIM verification is enabled on mail flow policies for incoming email.
To enable verification on an incoming mail flow policy:
Step 1
On the Mail Flow Policies page (from the Mail Policies menu), click on the
incoming mail policy for the listener where you want to perform verification.
incoming mail policy for the listener where you want to perform verification.
Step 2
In the Security Features section of the mail flow policy, enable DKIM Verification
by selecting On.
by selecting On.