Cisco Cisco Email Security Appliance C190 Guía Del Usuario
21-31
User Guide for AsyncOS 9.7 for Cisco Email Security Appliances
Chapter 21 Email Authentication
Testing the SPF/SIDF Results
Using the spf-passed Filter Rule
The
spf-passed
rule shows the results of SPF verification as a Boolean value. The following example
shows an
spf-passed
rule used to quarantine emails that are not marked as spf-passed:
Note
Unlike the
spf-status
rule, the
spf-passed
rule reduces the SPF/SIDF verification values to a simple
Boolean. The following verification results are treated as not passed in the
spf-passed
rule: None,
Neutral, Softfail, TempError, PermError, and Fail. To perform actions on messages based on more
granular results, use the
granular results, use the
spf-status
rule.
Testing the SPF/SIDF Results
Test the results of SPF/SIDF verification and use these results to determine how to treat SPF/SIDF
failures because different organizations implement SPF/SIDF in different ways. Use a combination of
content filters, message filters, and the Email Security Monitor - Content Filters report to test the results
of the SPF/SIDF verification.
failures because different organizations implement SPF/SIDF in different ways. Use a combination of
content filters, message filters, and the Email Security Monitor - Content Filters report to test the results
of the SPF/SIDF verification.
Your degree of dependence on SPF/SIDF verification determines the level of granularity at which you
test SPF/SIDF results.
test SPF/SIDF results.
Related Topics
•
•
Basic Granularity Test of SPF/SIDF Results
To get a basic measure of the SPF/SIDF verification results for incoming mail, you can use content filters
and the Email Security Monitor - Content Filters page. This test provides a view of the number of
messages received for each type of SPF/SIDF verification result.
and the Email Security Monitor - Content Filters page. This test provides a view of the number of
messages received for each type of SPF/SIDF verification result.
Procedure
Step 1
Enable SPF/SIDF verification for a mail flow policy on an incoming listener, and use a content filter to
configure an action to take. For information on enabling SPF/SIDF, see
configure an action to take. For information on enabling SPF/SIDF, see
quarantine-spf-unauthorized-mail:
if (not spf-passed) {
quarantine("Policy");
}