Cisco Cisco Email Security Appliance C190 Guía Del Usuario
Chapter 3 LDAP Queries
3-206
Cisco IronPort AsyncOS 7.1 for Email Advanced Configuration Guide
OL-22164-02
This feature is also displayed when editing any mail flow policy in the GUI,
providing that LDAP queries have been configured on the corresponding listener:
providing that LDAP queries have been configured on the corresponding listener:
Figure 3-15
DHAP Prevention Feature in GUI
Entering a number of invalid recipients per hour enables DHAP for that mail flow
policy. By default, 25 invalid recipients per hour are allowed for public listeners.
For private listeners, the maximum invalid recipients per hour is unlimited by
default. Setting it to “Unlimited” means that DHAP is not enabled for that mail
flow policy.
policy. By default, 25 invalid recipients per hour are allowed for public listeners.
For private listeners, the maximum invalid recipients per hour is unlimited by
default. Setting it to “Unlimited” means that DHAP is not enabled for that mail
flow policy.
Configuring AsyncOS for SMTP Authentication
AsyncOS provides support for SMTP authentication. SMTP Auth is a mechanism
for authenticating clients connected to an SMTP server.
for authenticating clients connected to an SMTP server.
The practical use of this mechanism is that users at a given organization are able
to send mail using that entity’s mail servers even if they are connecting remotely
(e.g. from home or while traveling). Mail User Agents (MUAs) can issue an
authentication request (challenge/response) when attempting to send a piece of
mail.
to send mail using that entity’s mail servers even if they are connecting remotely
(e.g. from home or while traveling). Mail User Agents (MUAs) can issue an
authentication request (challenge/response) when attempting to send a piece of
mail.
Users can also use SMTP authentication for outgoing mail relays. This allows the
IronPort appliance to make a secure connection to a relay server in configurations
where the appliance is not at the edge of the network.
IronPort appliance to make a secure connection to a relay server in configurations
where the appliance is not at the edge of the network.
AsyncOS complies with RFC 2554 which defines how an authentication
command may be given in an SMTP conversation, the responses to the
negotiation, and any error codes that may need to be generated.
command may be given in an SMTP conversation, the responses to the
negotiation, and any error codes that may need to be generated.
AsyncOS supports two methods to authenticate user credentials:
•
You can use an LDAP directory.
•
You can use a different SMTP server (SMTP Auth forwarding and SMTP
Auth outgoing).
Auth outgoing).