Cisco Cisco Email Security Appliance X1070 Guía Del Usuario
3-2
Cisco AsyncOS 9.0 for Email User Guide
Chapter 3 Setup and Installation
Installation Planning
messages from the Internet and from your internal network. You can configure the appliance for policy
enforcement (
enforcement (
) for all email traffic
to and from your enterprise.
Ensure that the Email Security appliance is both accessible via the public Internet and is the “first hop”
in your email infrastructure. If you allow another MTA to sit at your network’s perimeter and handle all
external connections, then the Email Security appliance will not be able to determine the sender’s IP
address. The sender’s IP address is needed to identify and distinguish senders in the Mail Flow Monitor,
to query the SenderBase Reputation Service for the sender’s SenderBase Reputation Score (SBRS), and
to improve the efficacy of the Anti-Spam and Outbreak Filters features.
in your email infrastructure. If you allow another MTA to sit at your network’s perimeter and handle all
external connections, then the Email Security appliance will not be able to determine the sender’s IP
address. The sender’s IP address is needed to identify and distinguish senders in the Mail Flow Monitor,
to query the SenderBase Reputation Service for the sender’s SenderBase Reputation Score (SBRS), and
to improve the efficacy of the Anti-Spam and Outbreak Filters features.
Note
If you cannot configure the appliance as the first machine receiving email from the Internet, you can still
exercise some of the security services available on the appliance. For more information, see
exercise some of the security services available on the appliance. For more information, see
.
When you use the Email Security appliance as your SMTP gateway:
•
The Mail Flow Monitor feature (see
) offers complete
visibility into all email traffic for your enterprise from both internal and external senders.
•
LDAP queries (see
) for routing, aliasing, and masquerading can
consolidate your directory infrastructure and provide for simpler updates.
•
Familiar tools like alias tables (see
), domain-based routing (
), and masquerading (
make the transition from Open-Source MTAs easier.
Register the Email Security Appliance in DNS
Malicious email senders actively search public DNS records to hunt for new victims. In order to utilize
the full capabilities of Anti-Spam, Outbreak Filters, McAfee Antivirus and Sophos Anti-Virus, ensure
that the Email Security appliance is registered in DNS.
the full capabilities of Anti-Spam, Outbreak Filters, McAfee Antivirus and Sophos Anti-Virus, ensure
that the Email Security appliance is registered in DNS.
To register the appliance in DNS, create an A record that maps the appliance’s hostname to its IP address,
and an MX record that maps your public domain to the appliance’s hostname. You must specify a priority
for the MX record to advertise the Email Security appliance as either a primary or backup MTA for your
domain.
and an MX record that maps your public domain to the appliance’s hostname. You must specify a priority
for the MX record to advertise the Email Security appliance as either a primary or backup MTA for your
domain.
In the following example, the Email Security appliance (ironport.example.com) is a backup MTA for the
domain example.com, since its MX record has a higher priority value (20). In other words, the higher
the numeric value, the lower the priority of the MTA.
domain example.com, since its MX record has a higher priority value (20). In other words, the higher
the numeric value, the lower the priority of the MTA.
By registering the Email Security appliance in DNS, you will attract spam attacks regardless of how you
set the MX record priority. However, virus attacks rarely target backup MTAs. Given this, if you want
to evaluate an anti-virus engine to its fullest potential, configure the Email Security appliance to have an
MX record priority of equal or higher value than the rest of your MTAs.
set the MX record priority. However, virus attacks rarely target backup MTAs. Given this, if you want
to evaluate an anti-virus engine to its fullest potential, configure the Email Security appliance to have an
MX record priority of equal or higher value than the rest of your MTAs.
$ host -t mx example.com
example.com mail is handled (pri=10) by mail.example.com
example.com mail is handled (pri=20) by ironport.example.com