Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
5-75
Cisco IronPort AsyncOS 7.5 for Email Configuration Guide
OL-25136-01
Chapter 5 Configuring the Gateway to Receive Email
To configure bypassing LDAP acceptance queries via the CLI, answer yes to the
following question when you enter recipients using the
following question when you enter recipients using the
listenerconfig -> edit
-> rcptaccess
command:
When you configure a RAT entry to bypass LDAP acceptance, be aware that the
order of RAT entries affects how recipient addresses are matched. The RAT
matches the recipient address with the first RAT entry that qualifies. For example,
you have the following RAT entries: postmaster@ironport.com and ironport.com.
You configure the entry for postmaster@ironport.com to bypass LDAP
acceptance queries, and you configure the entry for ironport.com for ACCEPT.
When you receive mail for postmaster@ironport.com, the LDAP acceptance
bypass will occur only if the entry for postmaster@ironport.com is before the
entry for ironport.com. If the entry for ironport.com is before the
postmaster@ironport.com entry, the RAT matches the recipient address to this
entry and applies the ACCEPT action.
order of RAT entries affects how recipient addresses are matched. The RAT
matches the recipient address with the first RAT entry that qualifies. For example,
you have the following RAT entries: postmaster@ironport.com and ironport.com.
You configure the entry for postmaster@ironport.com to bypass LDAP
acceptance queries, and you configure the entry for ironport.com for ACCEPT.
When you receive mail for postmaster@ironport.com, the LDAP acceptance
bypass will occur only if the entry for postmaster@ironport.com is before the
entry for ironport.com. If the entry for ironport.com is before the
postmaster@ironport.com entry, the RAT matches the recipient address to this
entry and applies the ACCEPT action.
Default RAT Entries
For all public listeners you create, by default, the RAT is set to reject email from
all recipients:
all recipients:
In the Recipient Access Table Overview listing, the default entry is named “All
Other Recipients.”
Other Recipients.”
Note
By default, the RAT rejects all recipients so that you do not accidentally create an
open relay on the Internet. An open relay (sometimes called an “insecure relay”
or a “third-party” relay) is an SMTP email server that allows third-party relay of
email messages. By processing mail that is neither for — nor from — a local user,
an open relay makes it possible for an unscrupulous sender to route large volumes
of spam through your gateway. Use caution when changing the default values of
Recipient Access Tables for public listeners you create.
open relay on the Internet. An open relay (sometimes called an “insecure relay”
or a “third-party” relay) is an SMTP email server that allows third-party relay of
email messages. By processing mail that is neither for — nor from — a local user,
an open relay makes it possible for an unscrupulous sender to route large volumes
of spam through your gateway. Use caution when changing the default values of
Recipient Access Tables for public listeners you create.
You can not delete the default “ALL” entry from the RAT.
Would you like to bypass LDAP ACCEPT for this entry? [Y]>
y
ALL
REJECT