Cisco Cisco Email Security Appliance C170 Guía Del Usuario
27-39
User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 27 LDAP Queries
Configuring AsyncOS for SMTP Authentication
Authenticating SMTP Sessions Using Client Certificates
The Email Security appliance supports the use of client certificates to authenticate SMTP sessions
between the Email Security appliance and users’ mail clients.
between the Email Security appliance and users’ mail clients.
When creating an SMTP authentication profile, you select the Certificate Authentication LDAP query to
use for verifying the certificate. You can also specify whether the Email Security appliance falls back to
the SMTP AUTH command to authenticate the user if a client certificate isn’t available.
use for verifying the certificate. You can also specify whether the Email Security appliance falls back to
the SMTP AUTH command to authenticate the user if a client certificate isn’t available.
If your organization uses client certificates to authenticate users, you have the option of using the SMTP
Authentication query to check whether a user who doesn’t have a client certificate can send mail as long
as their record specifies that it’s allowed.
Authentication query to check whether a user who doesn’t have a client certificate can send mail as long
as their record specifies that it’s allowed.
See
for more information.
[300]>
[...]
By default HAT rejected connections will be closed with a banner
message at the start of the SMTP conversation. Would you like to do the rejection at the
message recipient level instead for more detailed logging of rejected mail?
[N]> y
Do you want to modify the SMTP RCPT TO reject response in this case?
[N]> y
Enter the SMTP code to use in the response. 550 is the standard code.
[550]> 551
Enter your custom SMTP response. Press Enter on a blank line to finish.
Sender rejected due to local mail policy.
Contact your mail admin for assistance.