Cisco Cisco Email Security Appliance C160 Guía Del Usuario
25-39
Cisco AsyncOS 9.0 for Email User Guide
Chapter 25 LDAP Queries
Configuring AsyncOS for SMTP Authentication
Authenticating SMTP Sessions Using Client Certificates
The Email Security appliance supports the use of client certificates to authenticate SMTP sessions
between the Email Security appliance and users’ mail clients.
between the Email Security appliance and users’ mail clients.
When creating an SMTP authentication profile, you select the Certificate Authentication LDAP query to
use for verifying the certificate. You can also specify whether the Email Security appliance falls back to
the SMTP AUTH command to authenticate the user if a client certificate isn’t available.
use for verifying the certificate. You can also specify whether the Email Security appliance falls back to
the SMTP AUTH command to authenticate the user if a client certificate isn’t available.
If your organization uses client certificates to authenticate users, you have the option of using the SMTP
Authentication query to check whether a user who doesn’t have a client certificate can send mail as long
as their record specifies that it’s allowed.
Authentication query to check whether a user who doesn’t have a client certificate can send mail as long
as their record specifies that it’s allowed.
See
for more information.
Outgoing SMTP Authentication
SMTP Authentication can also be used to provide validation for an outbound mail relay, using a
username and password. Create an ‘outgoing’ SMTP authentication profile and then attach the profile to
an SMTP route for the ALL domain. On each mail delivery attempt, the appliance will log on to the
upstream mail relay with the necessary credentials. SMTP authentication supports the following
authorization protocols: PLAIN and LOGIN.
username and password. Create an ‘outgoing’ SMTP authentication profile and then attach the profile to
an SMTP route for the ALL domain. On each mail delivery attempt, the appliance will log on to the
upstream mail relay with the necessary credentials. SMTP authentication supports the following
authorization protocols: PLAIN and LOGIN.
Procedure
Step 1
Choose Network > SMTP Authentication.
Step 2
Click Add Profile.
Step 3
Enter a unique name for the SMTP authentication profile.
Step 4
For the Profile Type, select Outgoing.
Step 5
Click Next.
Do you want to modify the SMTP RCPT TO reject response in this case?
[N]> y
Enter the SMTP code to use in the response. 550 is the standard code.
[550]> 551
Enter your custom SMTP response. Press Enter on a blank line to finish.
Sender rejected due to local mail policy.
Contact your mail admin for assistance.