Cisco Cisco Email Security Appliance C650 Guía Del Usuario
Chapter 3 Configuring Routing and Delivery Features
3-140
Cisco IronPort AsyncOS 7.3 for Email Advanced Configuration Guide
OL-23081-01
Note
If limits are applied per each Virtual Gateway address, you can still effectively
implement system-wide limits by setting the Virtual Gateway limit to the
system-wide limit you want divided by the number of possible virtual gateways.
For example, if you have four Virtual Gateway addresses configured, and you do
not want to open more than 100 simultaneous connections to the domain
implement system-wide limits by setting the Virtual Gateway limit to the
system-wide limit you want divided by the number of possible virtual gateways.
For example, if you have four Virtual Gateway addresses configured, and you do
not want to open more than 100 simultaneous connections to the domain
yahoo.com
, set the Virtual Gateway limit to 25 simultaneous connections.
Note
The
delivernow
command, when acting on all domains, resets all counters
tracked in the
destconfig
command.
Controlling TLS
You can also configure the TLS (Transport Layer Security) on a per-domain basis.
If the “Required” setting is specified, a TLS connection will be negotiated from
the IronPort appliance listener to MTA(s) for the domain. If the negotiation fails,
no email will be sent through the connection. For more information, see
If the “Required” setting is specified, a TLS connection will be negotiated from
the IronPort appliance listener to MTA(s) for the domain. If the negotiation fails,
no email will be sent through the connection. For more information, see
.
You can specify whether the IronPort appliance sends an alert if the TLS
negotiation fails when delivering messages to a domain that requires a TLS
connection. The alert message contains name of the destination domain for the
failed TLS negotiation. The IronPort appliance sends the alert message to all
recipients set to receive Warning severity level alerts for System alert types. You
can manage alert recipients via the System Administration > Alerts page in the
GUI (or via the
negotiation fails when delivering messages to a domain that requires a TLS
connection. The alert message contains name of the destination domain for the
failed TLS negotiation. The IronPort appliance sends the alert message to all
recipients set to receive Warning severity level alerts for System alert types. You
can manage alert recipients via the System Administration > Alerts page in the
GUI (or via the
alertconfig
command in the CLI).
To enable TLS connection alerts, click Edit Global Settings on the Destination
Controls page or
Controls page or
destconfig -> setup
subcommand. This is a global setting, not
a per-domain setting. For information on the messages that the appliance
attempted to deliver, use the Monitor > Message Tracking page or the mail logs.
attempted to deliver, use the Monitor > Message Tracking page or the mail logs.
You must specify a certificate to use for all outgoing TLS connections. Use the
Edit Global Settings on the Destination Controls page or
Edit Global Settings on the Destination Controls page or
destconfig -> setup
subcommand to specify the certificate. For information on obtaining a certificate,
see
see
For more information on alerts, see the “System Administration” chapter of the
Cisco IronPort AsyncOS for Email Configuration Guide.
Cisco IronPort AsyncOS for Email Configuration Guide.