Cisco Cisco Email Security Appliance C650 Guía Del Usuario
21-30
Cisco AsyncOS 9.5 for Email User Guide
Chapter 21 Email Authentication
Enabling SPF and SIDF
See the Cisco AsyncOS CLI Reference Guide for more information on the
listenerconfig
command.
The Received-SPF Header
When you configure AsyncOS for SPF/SIDF verification, it places an SPF/SIDF verification header
(
(
Received-SPF
) in the email. The
Received-SPF
header contains the following information:
•
verification result - the SPF verification result (see
•
identity - the identity that SPF verification checked: HELO, MAIL FROM, or PRA.
•
receiver - the verifying host name (which performs the check).
•
client IP address - the IP address of the SMTP client.
•
ENVELOPE FROM - the envelope sender mailbox. (Note that this may be different from the MAIL
FROM identity, as the MAIL FROM identity cannot be empty.)
FROM identity, as the MAIL FROM identity cannot be empty.)
•
x-sender - the value of the HELO, MAIL FROM, or PRA identity.
•
x-conformance - the level of conformance (see
) and whether a downgrade of the PRA check was performed.
The following example shows a header added for a message that passed the SPF/SIDF check:
Note
The
spf-status
and
spf-passed
filter rules use the received-SPF header to determine the status of the
SPF/SIDF verification.
SoftFail, Fail, TempError, PermError: Reject
For MAIL FROM Identity: Accept
SMTP Response Settings:
Reject code: 550
Reject text: #5.7.1 SPF unauthorized mail is prohibited.
Get reject response text from publisher: Yes
Defer code: 451
Defer text: #4.4.3 Temporary error occurred during SPF verification.
Verification timeout: 40
Received-SPF: Pass identity=pra; receiver=box.example.com;
client-ip=1.2.3.4; envelope-from="alice@fooo.com";
x-sender="alice@company.com"; x-conformance=sidf_compatible