Cisco Cisco Email Security Appliance C190 Guía Del Usuario
5-117
Cisco IronPort AsyncOS 7.1 for Email Configuration Guide
OL-22158-02
Chapter 5 Configuring the Gateway to Receive Email
Note
By rejecting all hosts other than the ones you specify, the
listenerconfig
and
systemsetup
commands prevent you from unintentionally configuring your
system as an “open relay.” An open relay (sometimes called an “insecure relay”
or a “third party” relay) is an SMTP email server that allows third-party relay of
email messages. By processing email that is neither for nor from a local user, an
open relay makes it possible for an unscrupulous sender to route large volumes of
spam through your gateway.
or a “third party” relay) is an SMTP email server that allows third-party relay of
email messages. By processing email that is neither for nor from a local user, an
open relay makes it possible for an unscrupulous sender to route large volumes of
spam through your gateway.
Mail Flow Policies: Access Rules and Parameters
Mail Flow Policies of the HAT allow you to control or limit the rates at which the
listener will receive mail from remote hosts. You can also modify the SMTP codes
and responses communicated during the SMTP conversation.
listener will receive mail from remote hosts. You can also modify the SMTP codes
and responses communicated during the SMTP conversation.
The HAT has four basic access rules for acting on connections from remote hosts:
Step 1
ACCEPT
Connection is accepted, and email acceptance is then further restricted by
listener settings, including the Recipient Access Table (for public listeners).
listener settings, including the Recipient Access Table (for public listeners).
Step 2
REJECT
Connection is initially accepted, but the client attempting to connect gets a
4XX or 5XX greeting. No email is accepted.
4XX or 5XX greeting. No email is accepted.
Note
You can also configure AsyncOS to perform this rejection at the message
recipient level (RCPT TO), rather than at the start of the SMTP
conversation. Rejecting messages in this way delays the message
rejection and bounces the message, allowing AsyncOS to retain more
detailed information about the rejected messages. This setting is
configured from the CLI
recipient level (RCPT TO), rather than at the start of the SMTP
conversation. Rejecting messages in this way delays the message
rejection and bounces the message, allowing AsyncOS to retain more
detailed information about the rejected messages. This setting is
configured from the CLI
listenerconfig --> setup
command. For
more information, see “Customizing Listeners” in the Cisco IronPort
AsyncOS for Email Advanced Configuration Guide.
AsyncOS for Email Advanced Configuration Guide.
Step 3
TCPREFUSE
Connection is refused at the TCP level.