Cisco Cisco Email Security Appliance C160 Mode D'Emploi
24-6
User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 24 Validating Recipients Using an SMTP Server
Enabling a Listener to Validate Incoming Mail Via the SMTP Server
•
4xx: An SMTP code starting with a 4 means that a temporary failure has occurred in processing the
SMTP request. A retry may later be processed successfully. For example, a response of 451 means
the requested action was aborted or there was a local error in processing.
SMTP request. A retry may later be processed successfully. For example, a response of 451 means
the requested action was aborted or there was a local error in processing.
•
5xx: An SMTP code starting with 5 means a permanent failure in processing the SMTP request
occurred. For example, a response of 550 means the requested action was not taken or the mailbox
was unavailable.
occurred. For example, a response of 550 means the requested action was not taken or the mailbox
was unavailable.
•
Timeout. If no response is returned from the call-ahead server, you can configure how long to
attempt to retry before a timeout occurs.
attempt to retry before a timeout occurs.
•
Connection error. If a connection to the call-ahead server fails, you can configure whether to accept
or reject a connection for the recipient address.
or reject a connection for the recipient address.
•
Custom Response. You can configure to reject a connection with custom SMTP response (code and
text) for validation failures and temporary failures.
text) for validation failures and temporary failures.
Enabling a Listener to Validate Incoming Mail Via the SMTP
Server
Server
Once you create the SMTP Call-Ahead Server Profile, you need to enable it on a listener to allow the
listener to validate incoming mail via the SMTP server. SMTP call-ahead functionality is only available
on public listeners, as recipient validation is not necessary for private listeners.
listener to validate incoming mail via the SMTP server. SMTP call-ahead functionality is only available
on public listeners, as recipient validation is not necessary for private listeners.
Procedure
Step 1
Go to Network > Listeners.
Step 2
Click the name of the listener where you want to enable SMTP call-ahead functionality.
Step 3
In the SMTP Call Ahead Profile field, select the SMTP Call-Ahead profile you want to enable.
Step 4
Submit and commit your changes.
Configuring LDAP Routing Query Settings
If you use an LDAP routing query to route mail to a different mail host, AsyncOS uses the Alternate
Mailhost Attribute to determine the SMTP server to query. However, there are cases where you may not
want that to occur. For example, in the following schema, note that the mail host attribute (
Mailhost Attribute to determine the SMTP server to query. However, there are cases where you may not
want that to occur. For example, in the following schema, note that the mail host attribute (
mailHost
)
has a different SMTP address than the servers listed in the call-ahead SMTP server attribute
(
(
callAhead
):
dn: mail=cisco.com, ou=domains
mail: cisco.com
mailHost: smtp.mydomain.com
policy: ASAV
callAhead: smtp2.mydomain.com,smtp3.mydomain.com:9025
In this case, you can use the SMTP Call-Ahead field to create a routing query that directs the SMTP
call-ahead query to the servers listed in the
call-ahead query to the servers listed in the
callAhead
attribute. For example, you might create a routing
query with the following attributes: