Cisco Cisco Email Security Appliance X1070 Mode D'Emploi

SMTP Authentication

Allows, disallow, or requires SMTP Authentication from remote hosts 
connecting to the listener. SMTP Authentication is described in detail 
in the “LDAP Queries” chapter.

If Both TLS and SMTP 
Authentication are enabled:

Require TLS to offer SMTP Authentication.

Domain Key/ DKIM Signing Enable Domain Keys or DKIM signing on this listener (ACCEPT and 

RELAY only).

DKIM Verification

Enable DKIM verification.

 S/MIME 
Decryption/Verification

Enable S/MIME decryption or verification. 

Choose whether to retain or remove the digital signature from the 
messages after S/MIME verification. For triple wrapped messages, 
only the inner signature is retained or removed. 

S/MIME Public Key 
Harvesting

Enable S/MIME public key harvesting.

Harvest Certificates on 
Verification Failure

Choose whether to harvest public keys if the verification of the 
incoming signed messages fail.

Store Updated Certificate

Choose whether to harvest updated public keys.

Enable SPF/SIDF 
Verification

Enable SPF/SIDF signing on this listener. For more information, see 

Conformance Level

Set the SPF/SIDF conformance level. You can choose from SPF, SIDF 
or SIDF Compatible. For details, see 

 Downgrade PRA 
verification result if 
'Resent-Sender:' or 
'Resent-From:' were used: 

If you choose a conformance level of SIDF compatible, configure 
whether you want to downgrade Pass result of the PRA Identity 
verification to None if there are Resent-Sender: or Resent-From: 
headers present in the message. You may choose this option for security 
purposes.

HELO Test

Configure whether you want to perform a test against the HELO 
identity (Use this for SPF and SIDF Compatible conformance levels). 

Enable DMARC Verification Enable DMARC verification on this listener. For more information, see 

.

Use DMARC Verification 
Profile

Select the DMARC verification profile that you want to use on this 
listener.