Cisco Cisco Email Security Appliance C370D Mode D'Emploi
7-29
User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 7 Defining Which Hosts Are Allowed to Connect Using the Host Access Table (HAT)
Verifying Senders
Related Topics
•
•
•
•
•
Throttling Messages from Unverified Senders Using the SUSPECTLIST Sender Group
Procedure
Step 1
Select Mail Policies > HAT Overview.
Step 2
Click SUSPECTLIST in the list of sender groups.
Step 3
Click Edit Settings.
Step 4
Select the THROTTLED policy from the list.
Step 5
Check the “Connecting host reverse DNS lookup (PTR) does not match the forward DNS lookup (A)”
checkbox under Connecting Host DNS Verification.
checkbox under Connecting Host DNS Verification.
Step 6
Submit and commit your changes.
Now, senders for which reverse DNS lookups fail will match the SUSPECTLIST sender group and will
receive the default action from the THROTTLED mail flow policy.
receive the default action from the THROTTLED mail flow policy.
Table 7-9
Sender Verification: Suggested Settings
Sender Group
Policy
Include
UNVERIFIED
SUSPECTLIST
THROTTLEMORE
THROTTLED
Prior to SMTP conversation:
Connecting host PTR record does not exist in the DNS.
Connecting host reverse DNS lookup (PTR) does not match
the forward DNS lookup (A).
the forward DNS lookup (A).
ACCEPTED
Envelope Sender Verification during SMTP conversation:
- Malformed MAIL FROM:
- Envelope sender does not exist in DNS.
- Envelope sender DNS does not resolve.