Cisco Cisco Email Security Appliance C170 Guía Del Usuario
Chapter 1 Customizing Listeners
1-24
Cisco IronPort AsyncOS 7.1 for Email Advanced Configuration Guide
OL-22164-02
The “Classification” stage uses the sending host’s IP address to classify an
inbound SMTP session (received on a public listener) into a Sender Group. The
Mail Flow Policy associated with that Sender Group may have parameters for rate
limiting enabled. (Rate limiting limits the maximum number of messages per
session, the maximum number of recipients per message, the maximum message
size, and/or the maximum number of concurrent connections you are willing to
accept from a remote host.)
inbound SMTP session (received on a public listener) into a Sender Group. The
Mail Flow Policy associated with that Sender Group may have parameters for rate
limiting enabled. (Rate limiting limits the maximum number of messages per
session, the maximum number of recipients per message, the maximum message
size, and/or the maximum number of concurrent connections you are willing to
accept from a remote host.)
Normally, in this process, recipients are counted against each sender in the
corresponding named sender group. If mail is received from several senders in the
same hour, the total recipients for all senders is compared against the limit.
corresponding named sender group. If mail is received from several senders in the
same hour, the total recipients for all senders is compared against the limit.
There are some exceptions to this counting methodology:
Step 1
If the classification is done by Network Owner, then the SenderBase Information
Service will automatically divide a large block of addresses into smaller blocks.
Service will automatically divide a large block of addresses into smaller blocks.
Counting of recipients and recipient rate limiting is done separately for each
of these smaller blocks (usually, but not always, the equivalent of a /24 CIDR
block).
of these smaller blocks (usually, but not always, the equivalent of a /24 CIDR
block).
Step 2
If the HAT Significant Bits feature is used. In this case, a large block of addresses
may be divided into smaller blocks by applying the significant bits parameter
associated with the policy.
may be divided into smaller blocks by applying the significant bits parameter
associated with the policy.
Note that this parameter relates to the Mail Flow Policy -> Rate Limiting
phase. It is not the same as the “bits” field in the “network/bits” CIDR
notation that may be used to classify IP addresses in a Sender Group.
phase. It is not the same as the “bits” field in the “network/bits” CIDR
notation that may be used to classify IP addresses in a Sender Group.
By default, SenderBase Reputation Filters and IP Profiling support are enabled
for public listeners and disabled for private listeners.
for public listeners and disabled for private listeners.
Timeouts for SenderBase Queries
The method by which queries to the SenderBase information service — for both
SenderBase DNS queries and SenderBase Reputation Service Scores (SBRS
Scores) — are configured has been improved beginning with the 4.0 release of
AsyncOS. Previously, the configurable timeout value maximum of 5 seconds
could cause a delay in mail processing for some IronPort appliances experiencing
heavy load if the SenderBase information services were unreachable or
unavailable.
SenderBase DNS queries and SenderBase Reputation Service Scores (SBRS
Scores) — are configured has been improved beginning with the 4.0 release of
AsyncOS. Previously, the configurable timeout value maximum of 5 seconds
could cause a delay in mail processing for some IronPort appliances experiencing
heavy load if the SenderBase information services were unreachable or
unavailable.