Cisco Cisco Email Security Appliance C160 Mode D'Emploi
9-41
Cisco AsyncOS 9.5 for Email User Guide
Chapter 9 Using Message Filters to Enforce Email Policies
Message Filter Rules
The filter performs matches loosely. It is not case-sensitive. If the optional sieve-char parameter is
supplied, the last portion of an address that follows the specified character will be ignored for the
purposes of comparison. For example, if the
supplied, the last portion of an address that follows the specified character will be ignored for the
purposes of comparison. For example, if the
+
character is included as a parameter, the filter ignores the
portion of the address
joe+folder@example.com
that follows the
+
character. If the address was
joe+smith+folder@example.com
, only the
+folder
portion is ignored. If the SMTP authenticated user
ID string is a simple username and not a fully-qualified e-mail address, only the username portion of the
target will be examined to determine a match. The domain must be verified in a separate rule.
target will be examined to determine a match. The domain must be verified in a separate rule.
Also, you can use the $SMTPAuthID variable to insert the STMP authenticated user ID into headers.
The following table shows examples of comparisons between the SMTP authenticated ID and email
addresses and whether they would match using the
addresses and whether they would match using the
smtp-auth-id-matches
filter rule:
The following filter checks all messages created during an authenticated SMTP session to verify that the
addresses in the From header and the Envelope Sender match the SMTP authenticated user ID. If the
addresses and the ID match, the filter verifies the domain. If they do not match, the appliance quarantines
the message.
addresses in the From header and the Envelope Sender match the SMTP authenticated user ID. If the
addresses and the ID match, the filter verifies the domain. If they do not match, the appliance quarantines
the message.
*Any
Matches messages that were created during an
authenticated SMTP session regardless of identity.
authenticated SMTP session regardless of identity.
*None
Matches messages that were not created during an
authenticated SMTP session. This is useful when
authentication is optional (preferred).
authenticated SMTP session. This is useful when
authentication is optional (preferred).
SMTP Auth ID
Sieve Char
Comparison Address
Matches?
someuser
otheruser@example.com
No
someuser
someuser@example.com
Yes
someuser
someuser@another.com
Yes
SomeUser
someuser@example.com
Yes
someuser
someuser+folder@example.com
No
someuser
+
someuser+folder@example.com
Yes
someuser@example.com
someuser@forged.com
No
someuser@example.com
someuser@example.com
Yes
SomeUser@example.com
someuser@example.com
Yes
Target
Description
Msg_Authentication:
if (smtp-auth-id-matches("*Any"))
{
# Always include the original authentication credentials in a
# special header.
insert-header("X-Auth-ID","$SMTPAuthID");