Cisco Cisco Email Security Appliance X1050 Guía Del Usuario
Chapter 5 Configuring the Gateway to Receive Email
5-138
Cisco IronPort AsyncOS 7.1 for Email Configuration Guide
OL-22158-02
Use the Network > Listeners page or
listenerconfig -> setup
command in the
CLI to enable a listener to query the SenderBase Reputation Service. You can also
define the timeout value that the appliance should wait when querying the
SenderBase Reputation Service. Then, you can configure different policies to use
look ups to the SenderBase Reputation Service by using the values in the Mail
Policies Pages in the GUI or the
define the timeout value that the appliance should wait when querying the
SenderBase Reputation Service. Then, you can configure different policies to use
look ups to the SenderBase Reputation Service by using the values in the Mail
Policies Pages in the GUI or the
listenerconfig -> edit -> hostaccess
commands in the CLI.
Note
You can also create message filters to specify “thresholds” for SenderBase
Reputation Scores to further act upon messages processed by the system. For
more information, see “SenderBase Reputation Rule,” “Bypass Anti-Spam
System Action,” and “Bypass Anti-Virus System Action” in the Cisco IronPort
AsyncOS for Email Advanced Configuration Guide.
Reputation Scores to further act upon messages processed by the system. For
more information, see “SenderBase Reputation Rule,” “Bypass Anti-Spam
System Action,” and “Bypass Anti-Virus System Action” in the Cisco IronPort
AsyncOS for Email Advanced Configuration Guide.
Sender Groups Defined by Querying DNS Lists in the HAT
You also have the ability in a listener’s HAT to define a sender group as matching
a query to a specific DNS List sever. The query is performed via DNS at the time
of the remote client’s connection. The ability to query a remote list also exists
currently as a message filter rule (see “DNS List Rule” in the Cisco IronPort
AsyncOS for Email Advanced Configuration Guide), but only once the message
content has been received in full.
a query to a specific DNS List sever. The query is performed via DNS at the time
of the remote client’s connection. The ability to query a remote list also exists
currently as a message filter rule (see “DNS List Rule” in the Cisco IronPort
AsyncOS for Email Advanced Configuration Guide), but only once the message
content has been received in full.
This mechanism allows you to configure a sender within a group that queries a
DNS List so that you can adjust your mail flow policies accordingly. For example,
you could reject connections or limit the behavior of the connecting domain.
DNS List so that you can adjust your mail flow policies accordingly. For example,
you could reject connections or limit the behavior of the connecting domain.
Note
Some DNS Lists use variable responses (for example, “127.0.0.1” versus
“127.0.0.2” versus “127.0.0.3”) to indicate various facts about the IP address
being queried against. If you use the message filter DNS List rule (see “DNS List
Rule” in the Cisco IronPort AsyncOS for Email Advanced Configuration Guide),
you can compare the result of the query against different values. However,
specifying a DNS List server to be queried in the HAT only supports a Boolean
operation for simplicity (that is, does the IP address appear in the list or not)
“127.0.0.2” versus “127.0.0.3”) to indicate various facts about the IP address
being queried against. If you use the message filter DNS List rule (see “DNS List
Rule” in the Cisco IronPort AsyncOS for Email Advanced Configuration Guide),
you can compare the result of the query against different values. However,
specifying a DNS List server to be queried in the HAT only supports a Boolean
operation for simplicity (that is, does the IP address appear in the list or not)