Cisco Cisco Email Security Appliance X1070 Guía Del Usuario
20-34
Cisco AsyncOS 9.0 for Email User Guide
Chapter 20 Email Authentication
Testing the SPF/SIDF Results
Note
Unlike the
spf-status
rule, the
spf-passed
rule reduces the SPF/SIDF verification values to a simple
Boolean. The following verification results are treated as not passed in the
spf-passed
rule: None,
Neutral, Softfail, TempError, PermError, and Fail. To perform actions on messages based on more
granular results, use the
granular results, use the
spf-status
rule.
Testing the SPF/SIDF Results
Test the results of SPF/SIDF verification and use these results to determine how to treat SPF/SIDF
failures because different organizations implement SPF/SIDF in different ways. Use a combination of
content filters, message filters, and the Email Security Monitor - Content Filters report to test the results
of the SPF/SIDF verification.
failures because different organizations implement SPF/SIDF in different ways. Use a combination of
content filters, message filters, and the Email Security Monitor - Content Filters report to test the results
of the SPF/SIDF verification.
Your degree of dependence on SPF/SIDF verification determines the level of granularity at which you
test SPF/SIDF results.
test SPF/SIDF results.
Related Topics
•
•
Basic Granularity Test of SPF/SIDF Results
To get a basic measure of the SPF/SIDF verification results for incoming mail, you can use content filters
and the Email Security Monitor - Content Filters page. This test provides a view of the number of
messages received for each type of SPF/SIDF verification result.
and the Email Security Monitor - Content Filters page. This test provides a view of the number of
messages received for each type of SPF/SIDF verification result.
Procedure
Step 1
Enable SPF/SIDF verification for a mail flow policy on an incoming listener, and use a content filter to
configure an action to take. For information on enabling SPF/SIDF, see
configure an action to take. For information on enabling SPF/SIDF, see
Step 2
Create an
spf-status
content filter for each type of SPF/SIDF verification. Use a naming convention to
indicate the type of verification. For example, use “SPF-Passed” for messages that pass SPF/SIDF
verification, or “SPF-TempErr” for messages that weren’t passed due to a transient error during
verification. For information about creating an
verification, or “SPF-TempErr” for messages that weren’t passed due to a transient error during
verification. For information about creating an
spf-status
content filter, see
.
Step 3
After you have processed a number of SPF/SIDF verified messages, click Monitor > Content Filters to
see how many messages triggered each of the SPF/SIDF verified content filters.
see how many messages triggered each of the SPF/SIDF verified content filters.
Greater Granularity Test of SPF/SIDF Results
For more comprehensive information about SPF/SIDF verification results, only enable SPF/SIDF
verification for specific groups of senders, and review the results for those specific senders. Then, create
a mail policy for that particular group and enable SPF/SIDF verification on the mail policy. Create
verification for specific groups of senders, and review the results for those specific senders. Then, create
a mail policy for that particular group and enable SPF/SIDF verification on the mail policy. Create