Cisco Cisco Email Security Appliance C650 Guía Del Usuario
24-53
AsyncOS 9.1.2 for Cisco Email Security Appliances User Guide
Chapter 24 Configuring Routing and Delivery Features
Bounce Verification
Note
When delivering non-bounce mail to your own internal mail server (Exchange, etc.), you should disable
Bounce Verification tagging for that internal domain.
Bounce Verification tagging for that internal domain.
AsyncOS considers bounces as mail with a null Mail From address (<>). For non-bounce messages that
might contain a tagged Envelope Recipient, AsyncOS applies a more lenient policy. In such cases,
AsyncOS ignores the seven-day key expiration and tries to find a match with older keys as well.
might contain a tagged Envelope Recipient, AsyncOS applies a more lenient policy. In such cases,
AsyncOS ignores the seven-day key expiration and tries to find a match with older keys as well.
Bounce Verification Address Tagging Keys
The tagging key is a text string your appliance uses when generating the bounce verification tag. Ideally,
you would use the same key across all of your appliances so that all mail leaving your domain is tagged
consistently. That way, if one appliance tags the Envelope Sender on an outgoing message an incoming
bounce will be verified and delivered even if the bounce is received by a different appliance.
you would use the same key across all of your appliances so that all mail leaving your domain is tagged
consistently. That way, if one appliance tags the Envelope Sender on an outgoing message an incoming
bounce will be verified and delivered even if the bounce is received by a different appliance.
There is a seven day grace period for tags. For example, you may choose to change your tagging key
multiple times within a seven-day period. In such a case, your appliance will try to verify tagged
messages using all previous keys that are less than seven days old.
multiple times within a seven-day period. In such a case, your appliance will try to verify tagged
messages using all previous keys that are less than seven days old.
Accepting Legitimate Untagged Bounced Messages
AsyncOS also includes a HAT setting related to Bounce Verification for considering whether untagged
bounces are valid. The default setting is “No,” which means that untagged bounces are considered invalid
and the appliance either rejects the message or applies a customer header, depending on the action
selected on the Mail Policies > Bounce Verification page. If you select “Yes,” the appliance considers
untagged bounces to be valid and accepts them. This may be used in the following scenario:
bounces are valid. The default setting is “No,” which means that untagged bounces are considered invalid
and the appliance either rejects the message or applies a customer header, depending on the action
selected on the Mail Policies > Bounce Verification page. If you select “Yes,” the appliance considers
untagged bounces to be valid and accepts them. This may be used in the following scenario:
Suppose you have a user that wants to send email to a mailing list. However, the mailing list accepts
messages only from a fixed set of Envelope Senders. In such a case, tagged messages from your user will
not be accepted (as the tag changes regularly).
messages only from a fixed set of Envelope Senders. In such a case, tagged messages from your user will
not be accepted (as the tag changes regularly).
Procedure
Step 1
Add the domain to which the user is trying to send mail to the Destination Controls table and disable
tagging for that domain. At this point, the user can send mail without problems.
tagging for that domain. At this point, the user can send mail without problems.
Step 2
However, to properly support receiving bounces from that domain (since they will not be tagged) you
can create a sender group for that domain and enable the Consider Untagged Bounces to be Valid
parameter in an “Accept” mail flow policy.
can create a sender group for that domain and enable the Consider Untagged Bounces to be Valid
parameter in an “Accept” mail flow policy.
Fri Jul 21 16:03:51 2006 Info: Message aborted MID 26603 Receiving aborted by sender
Fri Jul 21 16:03:51 2006 Info: Message finished MID 26603 aborted