Cisco Cisco Email Security Appliance C160 Mode D'Emploi
5-28
Cisco IronPort AsyncOS 7.6 for Email Configuration Guide
OL-25136-01
Chapter 5 Configuring the Gateway to Receive Email
into your gateway and be able to make changes to a listener’s HAT in real-time. (You can add IP
addresses, domains, or organizations to an existing sender group, edit the existing or pre-defined
policies, or create new mail flow policies.)
addresses, domains, or organizations to an existing sender group, edit the existing or pre-defined
policies, or create new mail flow policies.)
WHITELIST
Add senders you trust to the Whitelist sender group. The $TRUSTED mail flow policy is configured so
that email from senders you trust has no rate limiting enabled, and the content from those senders is not
scanned by the Anti-Spam or Anti-Virus software.
that email from senders you trust has no rate limiting enabled, and the content from those senders is not
scanned by the Anti-Spam or Anti-Virus software.
BLACKLIST
Senders in the Blacklist sender group are rejected (by the parameters set in the $BLOCKED mail flow
policy). Adding senders to this group rejects connections from those hosts by returning a 5XX SMTP
response in the SMTP HELO command.
policy). Adding senders to this group rejects connections from those hosts by returning a 5XX SMTP
response in the SMTP HELO command.
SUSPECTLIST
The Suspectlist sender group contains a mail flow policy that throttles, or slows, the rate of incoming
mail. If senders are suspicious, you can add them to the Suspectlist sender group, where the mail flow
policy dictates that:
mail. If senders are suspicious, you can add them to the Suspectlist sender group, where the mail flow
policy dictates that:
•
Rate limiting limits the maximum number of messages per session, the maximum number of
recipients per message, the maximum message size, and the maximum number of concurrent
connections you are willing to accept from a remote host.
recipients per message, the maximum message size, and the maximum number of concurrent
connections you are willing to accept from a remote host.
•
The maximum recipients per hour from the remote host is set to 20 recipients per hour. Note that
this setting is the maximum throttling available. You can increase the number of recipients to receive
per hour if this parameter is too aggressive.
this setting is the maximum throttling available. You can increase the number of recipients to receive
per hour if this parameter is too aggressive.
•
The content of messages will be scanned by the anti-spam scanning engine and the anti-virus
scanning engine (if you have these feature enabled for the system).
scanning engine (if you have these feature enabled for the system).
•
The Cisco IronPort SenderBase Reputation Service will be queried for more information about the
sender.
sender.
UNKNOWNLIST
The Unknownlist sender group may be useful if you are undecided about the mail flow policy you should
use for a given sender. The mail flow policy for this group dictates that mail is accepted for senders in
this group, but the Cisco IronPort Anti-Spam software (if enabled for the system), the anti-virus scanning
engine, and the Cisco IronPort SenderBase Reputation Service should all be used to gain more
information about the sender and the message content. Rate limits for senders in this group are also
enabled with default values. For more information on virus scanning engines, see
use for a given sender. The mail flow policy for this group dictates that mail is accepted for senders in
this group, but the Cisco IronPort Anti-Spam software (if enabled for the system), the anti-virus scanning
engine, and the Cisco IronPort SenderBase Reputation Service should all be used to gain more
information about the sender and the message content. Rate limits for senders in this group are also
enabled with default values. For more information on virus scanning engines, see
. For more information on the SenderBase Reputation Service, see
.
Predefined Mail Flow Policies for Private Listeners
When combined with an access rule (RELAY or REJECT), the parameters listed in
are
predefined as the following two mail flow policies for each private listener you create:
•
$RELAYED