Cisco Cisco Email Security Appliance C160 Mode D'Emploi

The following SPF control settings are available for the Host Access Table:

 The appliance performs the HELO identity check and accepts the None and Neutral verification results 
and rejects the others. The CLI prompts for the SMTP actions are the same for all identity types. The 
user does not define the SMTP actions for the MAIL FROM identity. The appliance automatically 
accepts all verification results for the identity. The appliance uses the default reject code and text for all 
REJECT results.

You can also configure this in the command-line interface using the 

listenerconfig

 command.

When you configure AsyncOS for SPF/SIDF verification, it places an SPF/SIDF verification header 
(

Received-SPF

) in the email. The 

Received-SPF

 header contains the following information:

SPF Only

whether to perform HELO identity check

SMTP actions taken based on the results of the 
following identity checks:

HELO identity (if enabled)

MAIL FROM Identity

SMTP response code and text returned for the REJECT 
action

verification time out (in seconds)

SIDF Compatible

whether to perform a HELO identity check

whether the verification downgrades a Pass result of the 
PRA identity to None if the Resent-Sender: or 
Resent-From: headers are present in the message

SMTP actions taken based on the results of the 
following identity checks:

HELO identity (if enabled)

MAIL FROM Identity

PRA Identity

SMTP response code and text returned for the REJECT 
action

verification timeout (in seconds)

SIDF Strict

SMTP actions taken based on the results of the 
following identity checks:

MAIL FROM Identity

PRA Identity

SMTP response code and text returned in case of SPF 
REJECT action

verification timeout (in seconds)