Cisco Cisco Email Security Appliance C170 Guía Del Usuario
4-7
Cisco IronPort AsyncOS 7.6 for Email Configuration Guide
OL-25136-01
Chapter 4 Understanding the Email Pipeline
then the message will not be anti-virus scanned upon release from the quarantine, regardless of whether
anti-virus scanning has been re-enabled. However, messages that bypass anti-virus scanning due to mail
policies may be anti-virus scanned upon release from a quarantine, as the mail policy's settings may have
changed while the message was in the quarantine. For example, if a message bypasses anti-virus
scanning due to a mail policy and is quarantined, then, prior to release from the quarantine, the mail
policy is updated to include anti-virus scanning, the message will be anti-virus scanned upon release
from the quarantine.
anti-virus scanning has been re-enabled. However, messages that bypass anti-virus scanning due to mail
policies may be anti-virus scanned upon release from a quarantine, as the mail policy's settings may have
changed while the message was in the quarantine. For example, if a message bypasses anti-virus
scanning due to a mail policy and is quarantined, then, prior to release from the quarantine, the mail
policy is updated to include anti-virus scanning, the message will be anti-virus scanned upon release
from the quarantine.
Similarly, suppose you had inadvertently disabled anti-spam scanning globally (or within the HAT), and
you notice this after mail is in the work queue. Enabling anti-spam at that point will not cause the
messages in the work queue to be anti-spam scanned.
you notice this after mail is in the work queue. Enabling anti-spam at that point will not cause the
messages in the work queue to be anti-spam scanned.
LDAP Recipient Acceptance
You can use your existing LDAP infrastructure to define how the recipient email address of incoming
messages (on a public listener) should be handled during the SMTP conversation or within the
workqueue. See “Accept Queries” in the “Customizing Listeners” chapter of the Cisco IronPort AsyncOS
for Email Advanced Configuration Guide. This allows the Cisco IronPort appliance to combat directory
harvest attacks (DHAP) in a unique way: the system accepts the message and performs the LDAP
acceptance validation within the SMTP conversation or the work queue. If the recipient is not found in
the LDAP directory, you can configure the system to perform a delayed bounce or drop the message
entirely.
messages (on a public listener) should be handled during the SMTP conversation or within the
workqueue. See “Accept Queries” in the “Customizing Listeners” chapter of the Cisco IronPort AsyncOS
for Email Advanced Configuration Guide. This allows the Cisco IronPort appliance to combat directory
harvest attacks (DHAP) in a unique way: the system accepts the message and performs the LDAP
acceptance validation within the SMTP conversation or the work queue. If the recipient is not found in
the LDAP directory, you can configure the system to perform a delayed bounce or drop the message
entirely.
For more information, see the “LDAP Queries” chapter in the Cisco IronPort AsyncOS for Email
Advanced Configuration Guide.
Advanced Configuration Guide.
Masquerading or LDAP Masquerading
Masquerading is a feature that rewrites the envelope sender (also known as the sender, or
MAIL FROM
)
and the To:, From:, and/or CC: headers on email processed by a private listener according to a table you
construct. You can specify different masquerading parameters for each listener you create in one of two
ways: via a static mapping table, or via an LDAP query.
construct. You can specify different masquerading parameters for each listener you create in one of two
ways: via a static mapping table, or via an LDAP query.
For more information about masquerading via a static mapping table, see “Configuring Masquerading”
in the “Configuring Routing and Delivery Features” chapter of the Cisco IronPort AsyncOS for Email
Advanced Configuration Guide.
in the “Configuring Routing and Delivery Features” chapter of the Cisco IronPort AsyncOS for Email
Advanced Configuration Guide.
For more information about masquerading via an LDAP query, see the “LDAP Queries” chapter in the
Cisco IronPort AsyncOS for Email Advanced Configuration Guide.
Cisco IronPort AsyncOS for Email Advanced Configuration Guide.
LDAP Routing
You can configure your Cisco IronPort appliance to route messages to the appropriate address and/or
mail host based upon the information available in LDAP directories on your network.
mail host based upon the information available in LDAP directories on your network.
For more information, see “LDAP Queries” in the Cisco IronPort AsyncOS for Email Advanced
Configuration Guide.
Configuration Guide.