Cisco Cisco Email Security Appliance C650 Guía Del Usuario
7-10
Cisco AsyncOS 8.0.2 for Email User Guide
Chapter 7 Defining Which Hosts Are Allowed to Connect Using the Host Access Table (HAT)
Understanding Predefined Sender Groups and Mail Flow Policies
Testing HAT Variables
To test these variables, add the IP address of a known, trusted machine to the $WHITELIST sender group
of a listener on the Cisco appliance. Then, connect from that machine via telnet. You can see the variable
substitution in the SMTP response. For example:
of a listener on the Cisco appliance. Then, connect from that machine via telnet. You can see the variable
substitution in the SMTP response. For example:
Understanding Predefined Sender Groups and Mail Flow
Policies
Policies
lists the predefined sender groups and mail flow policies that are configured when a public
listener is created.
[220]> 200
Enter your custom SMTP response. Press Enter on a blank line to finish.
You've connected from the hostname: $Hostname, IP address of: $RemoteIP, matched the
group: $Group, $HATEntry and the SenderBase Organization: $OrgID.
# telnet IP_address_of_IronPort_Appliance
220 hostname ESMTP
200 You've connected from the hostname: hostname, IP address of:
IP-address_of_connecting_machine, matched the group: WHITELIST, 10.1.1.1 the SenderBase
Organization: OrgID.
Table 7-6
Predefined Sender Groups and Mail Flow Policies for Public Listeners
Predefined Sender Group
Description
Default Configured
Mail Flow Policy
Mail Flow Policy
WHITELIST
Add senders you trust to the Whitelist sender
group. The $TRUSTED mail flow policy is
configured so that email from senders you trust
has no rate limiting enabled, and the content from
those senders is not scanned by the Anti-Spam or
Anti-Virus software.
group. The $TRUSTED mail flow policy is
configured so that email from senders you trust
has no rate limiting enabled, and the content from
those senders is not scanned by the Anti-Spam or
Anti-Virus software.
$TRUSTED
BLACKLIST
Senders in the Blacklist sender group are rejected
(by the parameters set in the $BLOCKED mail
flow policy). Adding senders to this group rejects
connections from those hosts by returning a 5XX
SMTP response in the SMTP HELO command.
(by the parameters set in the $BLOCKED mail
flow policy). Adding senders to this group rejects
connections from those hosts by returning a 5XX
SMTP response in the SMTP HELO command.
$BLOCKED