Cisco Cisco Email Security Appliance C160 Mode D'Emploi

7-10

Cisco AsyncOS 8.5 for Email User Guide

Chapter 7 Defining Which Hosts Are Allowed to Connect Using the Host Access Table (HAT)

Understanding Predefined Sender Groups and Mail Flow Policies

Testing HAT Variables

To test these variables, add the IP address of a known, trusted machine to the $WHITELIST sender group
of a listener on the appliance. Then, connect from that machine via telnet. You can see the variable
substitution in the SMTP response. For example:

Understanding Predefined Sender Groups and Mail Flow
Policies

Table 7-6

lists the predefined sender groups and mail flow policies that are configured when a public

listener is created.

Enter the SMTP code to use in the response. 220 is the standard code.

[220]> 200

Enter your custom SMTP response. Press Enter on a blank line to finish.

You've connected from the hostname: $Hostname, IP address of: $RemoteIP, matched the

group: $Group, $HATEntry and the SenderBase Organization: $OrgID.

# telnet IP_address_of_Email_Security_Appliance

220 hostname ESMTP

200 You've connected from the hostname: hostname, IP address of:

IP-address_of_connecting_machine, matched the group: WHITELIST, 10.1.1.1 the SenderBase

Organization: OrgID.

Table 7-6

Predefined Sender Groups and Mail Flow Policies for Public Listeners

Predefined Sender Group

Description

Default Configured
Mail Flow Policy

WHITELIST

Add senders you trust to the Whitelist sender
group. The $TRUSTED mail flow policy is
configured so that email from senders you trust
has no rate limiting enabled, and the content from
those senders is not scanned by the Anti-Spam or
Anti-Virus software.

$TRUSTED

BLACKLIST

Senders in the Blacklist sender group are rejected
(by the parameters set in the $BLOCKED mail
flow policy). Adding senders to this group rejects
connections from those hosts by returning a 5XX
SMTP response in the SMTP HELO command.

$BLOCKED