Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
4-6
Cisco AsyncOS 8.5.5 for Email Security User Guide
Chapter 4 Understanding the Email Pipeline
Work Queue / Routing
For more information, see
Alias Tables
Alias tables provide a mechanism to redirect messages to one or more recipients. Aliases are stored in a
mapping table. When the envelope recipient (also known as the Envelope To, or
mapping table. When the envelope recipient (also known as the Envelope To, or
RCPT TO
) of an email
matches an alias as defined in an alias table, the envelope recipient address of the email will be rewritten.
For more information about Alias Tables, see “Creating Alias Tables” in the “Configuring Routing and
Delivery Features” chapter.
Delivery Features” chapter.
LDAP Recipient Acceptance
You can use your existing LDAP infrastructure to define how the recipient email address of incoming
messages (on a public listener) should be handled during the SMTP conversation or within the
workqueue. See “Accept Queries” in the “Customizing Listeners” chapter. This allows the appliance to
combat directory harvest attacks (DHAP) in a unique way: the system accepts the message and performs
the LDAP acceptance validation within the SMTP conversation or the work queue. If the recipient is not
found in the LDAP directory, you can configure the system to perform a delayed bounce or drop the
message entirely.
messages (on a public listener) should be handled during the SMTP conversation or within the
workqueue. See “Accept Queries” in the “Customizing Listeners” chapter. This allows the appliance to
combat directory harvest attacks (DHAP) in a unique way: the system accepts the message and performs
the LDAP acceptance validation within the SMTP conversation or the work queue. If the recipient is not
found in the LDAP directory, you can configure the system to perform a delayed bounce or drop the
message entirely.
For more information, see the “LDAP Queries” chapter.
SMTP Call-Ahead Recipient Validation
When you configure your Email Security appliance for SMTP call-ahead recipient validation, the Email
Security appliance suspends the SMTP conversation with the sending MTA while it “calls ahead” to the
SMTP server to verify the recipient. When the appliance queries the SMTP server, it returns the SMTP
server’s response to the Email Security appliance. The Email Security appliance resumes the SMTP
conversation and sends a response to the sending MTA, allowing the conversation to continue or
dropping the connection based on the SMTP server response (and settings you configure in the SMTP
Call-Ahead profile).
Security appliance suspends the SMTP conversation with the sending MTA while it “calls ahead” to the
SMTP server to verify the recipient. When the appliance queries the SMTP server, it returns the SMTP
server’s response to the Email Security appliance. The Email Security appliance resumes the SMTP
conversation and sends a response to the sending MTA, allowing the conversation to continue or
dropping the connection based on the SMTP server response (and settings you configure in the SMTP
Call-Ahead profile).
For more information, see
Work Queue / Routing
The Work Queue is where the received message is processed before moving to the delivery phase.
Processing includes masquerading, routing, filtering, safelist/blocklist scanning, anti-spam and
anti-virus scanning, file reputation scanning and analysis, Outbreak Filters, and quarantining.
Processing includes masquerading, routing, filtering, safelist/blocklist scanning, anti-spam and
anti-virus scanning, file reputation scanning and analysis, Outbreak Filters, and quarantining.
Note
Data loss prevention (DLP) scanning is only available for outgoing messages. For information on where
DLP message scanning occurs in the Work Queue, see
DLP message scanning occurs in the Work Queue, see