Cisco Cisco Email Security Appliance C160 Mode D'Emploi
3-147
Cisco IronPort AsyncOS 7.3 for Email Advanced Configuration Guide
OL-23081-01
Chapter 3 Configuring Routing and Delivery Features
Use the Import Table button on the Destination Controls page or the
destconfig
-> import
command to import a configuration file.You can also export your
Destination Control entries to an INI file using the Export Table button on the
Destination Controls page or the
Destination Controls page or the
destconfig -> export
command. AsyncOS
includes the
[Default]
domain control entry in the exported INI file.
Destination Controls and the CLI
You can use the
destconfig
command in the CLI to configure Destination
Control entries. This command is discussed in the Cisco IronPort AsyncOS CLI
Reference Guide.
Reference Guide.
IronPort Bounce Verification
A “bounce” message is a new message that is sent by a receiving MTA, using the
Envelope Sender of the original email as the new Envelope Recipient. This bounce
is sent back to the Envelope Recipient (usually) with a blank Envelope Sender
(MAIL FROM: < >) when the original message is undeliverable (typically due to
a non-existent recipient address).
Envelope Sender of the original email as the new Envelope Recipient. This bounce
is sent back to the Envelope Recipient (usually) with a blank Envelope Sender
(MAIL FROM: < >) when the original message is undeliverable (typically due to
a non-existent recipient address).
Increasingly, spammers are attacking email infrastructure via misdirected bounce
attacks. These attacks consist of a flood of bounce messages, sent by unknowing,
legitimate mail servers. Basically, the process spammers use is to send email via
open relays and “zombie” networks to multiple, potentially invalid addresses
(Envelope Recipients) at various domains. In these messages, the Envelope
Sender is forged so that the spam appears to be coming from a legitimate domain
(this is known as a “Joe job”).
attacks. These attacks consist of a flood of bounce messages, sent by unknowing,
legitimate mail servers. Basically, the process spammers use is to send email via
open relays and “zombie” networks to multiple, potentially invalid addresses
(Envelope Recipients) at various domains. In these messages, the Envelope
Sender is forged so that the spam appears to be coming from a legitimate domain
(this is known as a “Joe job”).
In turn, for each incoming email with an invalid Envelope Recipient, the receiving
mail servers generate a new email — a bounce message — and send it along to
the Envelope Sender at the innocent domain (the one whose Envelope Sender
address was forged). As a result, this target domain receives a flood of
“misdirected” bounces — potentially millions of messages. This type of
distributed denial of service attack can bring down email infrastructure and render
it impossible for the target to send or receive legitimate email.
mail servers generate a new email — a bounce message — and send it along to
the Envelope Sender at the innocent domain (the one whose Envelope Sender
address was forged). As a result, this target domain receives a flood of
“misdirected” bounces — potentially millions of messages. This type of
distributed denial of service attack can bring down email infrastructure and render
it impossible for the target to send or receive legitimate email.
To combat these misdirected bounce attacks, AsyncOS includes IronPort Bounce
Verification. When enabled, IronPort Bounce Verification tags the Envelope
Sender address for messages sent via your IronPort appliance. The Envelope
Recipient for any bounce message received by the IronPort appliance is then
Verification. When enabled, IronPort Bounce Verification tags the Envelope
Sender address for messages sent via your IronPort appliance. The Envelope
Recipient for any bounce message received by the IronPort appliance is then