Cisco Cisco Email Security Appliance C160 Mode D'Emploi
7-25
User Guide for AsyncOS 9.8 for Cisco Email Security Appliances
Chapter 7 Defining Which Hosts Are Allowed to Connect Using the Host Access Table (HAT)
Verifying Senders
Injection Control Periodicity
A global configuration option exists to allow you to adjust when the injection control counters are reset.
For very busy systems maintaining counters for a very large number of different IP addresses,
configuring the counters to be reset more frequently (for example, every 15 minutes instead of every 60
minutes) will ensure that the data does not grow to an unmanageable size and impact system
performance.
For very busy systems maintaining counters for a very large number of different IP addresses,
configuring the counters to be reset more frequently (for example, every 15 minutes instead of every 60
minutes) will ensure that the data does not grow to an unmanageable size and impact system
performance.
The current default value is 3600 seconds (1 hour).You can specify periods ranging from as little as 1
minute (60 seconds) to as long as 4 hours (14,400 seconds).
minute (60 seconds) to as long as 4 hours (14,400 seconds).
Adjust this period via the GUI, using the global settings (for more information, see
You can also adjust this period using the
listenerconfig -> setup
command in the CLI. For more
information on listenerconfig command, see the CLI Reference Guide for AsyncOS for Cisco Email
Security Appliances.
Security Appliances.
Verifying Senders
Spam and unwanted mail is frequently sent by senders whose domains or IP addresses cannot be resolved
by DNS. DNS verification means that you can get reliable information about senders and process mail
accordingly. Sender verification prior to the SMTP conversation (connection filtering based on DNS
lookups of the sender’s IP address) also helps reduce the amount of junk email processed through the
mail pipeline on the appliance.
by DNS. DNS verification means that you can get reliable information about senders and process mail
accordingly. Sender verification prior to the SMTP conversation (connection filtering based on DNS
lookups of the sender’s IP address) also helps reduce the amount of junk email processed through the
mail pipeline on the appliance.
Mail from unverified senders is not automatically discarded. Instead, AsyncOS provides sender
verification settings that allow you to determine how the appliance handles mail from unverified senders:
you can configure your appliance to automatically block all mail from unverified senders prior to the
SMTP conversation or throttle unverified senders, for example.
verification settings that allow you to determine how the appliance handles mail from unverified senders:
you can configure your appliance to automatically block all mail from unverified senders prior to the
SMTP conversation or throttle unverified senders, for example.
The sender verification feature consists of the following components:
•
Verification of the connecting host. This occurs prior to the SMTP conversation. For more
information, see
information, see
•
Verification of the domain portion of the envelope sender. This occurs during the SMTP
conversation. For more information, see
conversation. For more information, see
Related Topics
•
•
•
•
•
Sender Verification: Host
Senders can be unverified for different reasons. For example, the DNS server could be “down” or not
responding, or the domain may not exist. Host DNS verification settings for sender groups allow you to
classify unverified senders prior to the SMTP conversation and include different types of unverified
senders in your various sender groups.
responding, or the domain may not exist. Host DNS verification settings for sender groups allow you to
classify unverified senders prior to the SMTP conversation and include different types of unverified
senders in your various sender groups.