Cisco Email Security Appliance C190 User Guide
Cisco AsyncOS 8.0.2 for Email User Guide
Chapter 7 Defining Which Hosts Are Allowed to Connect Using the Host Access Table (HAT)
SenderBase Settings and Mail Flow Policies
In most cases, you can use this feature to define sender groups broadly — that is, large groups of IP
addresses such as “10.1.1.0/24” or “10.1.0.0/16” — while applying mail flow rate limiting narrowly to
smaller groups of IP addresses.
The HAT Significant Bits feature corresponds to these components of the system:
HAT Configuration
There are two parts of HAT configuration: sender groups and mail flow policies. Sender group
configuration defines how a sender's IP address is “classified” (put in a sender group). Mail flow policy
configuration defines how the SMTP session from that IP address is controlled. When using this feature,
an IP address may be “classified in a CIDR block” (e.g. 10.1.1.0/24) sender group while being controlled
as an individual host (/32). This is done via the “signficant_bits” policy configuration setting.
Significant Bits HAT Policy Option
The HAT syntax allows for the signficant_bits configuration option. When editing the default or a
specific mail flow policy in a HAT (for example, when issuing the
listenerconfig -> edit -> hostaccess -> default command) the following questions appear if:
• rate limiting is enabled, and
  – using SenderBase for flow control is disabled, or
  – Directory Harvest Attack Prevention (DHAP) is enabled for a mail flow policy (default or
    specific mail flow policy)
This feature also appears in the GUI in the Mail Policies > Mail Flow Policies page.
For example:
Do you want to enable rate limiting per host? [N]> y
Enter the maximum number of recipients per hour from a remote host.
[]> 2345
Would you like to specify a custom SMTP limit exceeded response? [Y]> n
Would you like to use SenderBase for flow control by default? [N]> n
Would you like to group hosts by the similarity of their IP addresses? [N]> y
Enter the number of bits of IP address to treat as significant, from 0 to 32.
[24]>
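The grouping behaviour described above, modelled as an added example (not Cisco's code and not part of the original guide): recipient counters are keyed by the sender IP masked to the configured number of significant bits, so hosts in the same block share one limit. The names rate_key, RecipientLimiter and simulate, the fixed hourly window, the IPv4-only handling and the sample traffic are assumptions made for illustration.

```python
import ipaddress
from collections import defaultdict


def rate_key(ip: str, significant_bits: int) -> str:
    """Mask an IPv4 address to its significant bits; hosts sharing a key share a counter."""
    if not 0 <= significant_bits <= 32:
        raise ValueError("significant bits must be from 0 to 32")
    return str(ipaddress.ip_network(f"{ip}/{significant_bits}", strict=False))


class RecipientLimiter:
    """Illustrative recipients-per-hour limiter (assumed model, not AsyncOS code)."""

    def __init__(self, max_rcpts_per_hour: int, significant_bits: int):
        self.limit = max_rcpts_per_hour
        self.bits = significant_bits
        self.counts = defaultdict(int)  # (masked key, hour bucket) -> recipients accepted

    def allow(self, ip: str, rcpts: int, now: float) -> bool:
        bucket = (rate_key(ip, self.bits), int(now // 3600))
        if self.counts[bucket] + rcpts > self.limit:
            return False  # limit exceeded for the whole group in this hour
        self.counts[bucket] += rcpts
        return True


def simulate(significant_bits: int, events, limit: int = 2345):
    """Replay (ip, recipients, seconds) events and return the allow/deny decisions."""
    limiter = RecipientLimiter(limit, significant_bits)
    return [limiter.allow(ip, n, t) for ip, n, t in events]


# Constructed sample traffic: (sender IP, recipients, seconds since start)
EVENTS = [
    ("10.1.1.5", 2000, 0),
    ("10.1.1.77", 2000, 60),    # same /24 as the first sender
    ("10.1.2.9", 2000, 120),    # same /16, different /24
    ("10.1.1.5", 300, 3700),    # next hourly window
]

if __name__ == "__main__":
    for bits in (32, 24, 16):
        print(f"significant bits = {bits}: {simulate(bits, EVENTS)}")
```

With 32 significant bits every host is limited on its own; lowering the value to 24 or 16 makes neighbouring senders draw from one shared recipient budget.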