Cisco Cisco Email Security Appliance C160 Guía Del Usuario

joe+smith+folder@example.com

, only the 

+folder

 portion is ignored. If the SMTP authenticated user 

ID string is a simple username and not a fully-qualified e-mail address, only the username portion of the 
target will be examined to determine a match. The domain must be verified in a separate rule.

Also, you can use the $SMTPAuthID variable to insert the STMP authenticated user ID into headers.

The following table shows examples of comparisons between the SMTP authenticated ID and email 
addresses and whether they would match using the 

smtp-auth-id-matches 

filter rule:

The following filter checks all messages created during an authenticated SMTP session to verify that the 
addresses in the From header and the Envelope Sender match the SMTP authenticated user ID. If the 
addresses and the ID match, the filter verifies the domain. If they do not match, the appliance quarantines 
the message.

someuser

otheruser@example.com

No

someuser

someuser@example.com

Yes

someuser

someuser@another.com

Yes

SomeUser

someuser@example.com

Yes

someuser

someuser+folder@example.com

No

someuser

+

someuser+folder@example.com

Yes

someuser@example.com

someuser@forged.com

No

someuser@example.com

someuser@example.com

Yes

SomeUser@example.com

someuser@example.com

Yes

Msg_Authentication:

if (smtp-auth-id-matches("*Any"))

{

    # Always include the original authentication credentials in a

    # special header.

    insert-header("X-Auth-ID","$SMTPAuthID");

    if (smtp-auth-id-matches("*FromAddress", "+") and

        smtp-auth-id-matches("*EnvelopeFrom", "+"))

    {

        # Username matches.  Verify the domain

        if header('from') != "(?i)@(?:example\\.com|alternate\\.com)" or

           mail-from != "(?i)@(?:example\\.com|alternate\\.com)"

        {