Cisco Cisco Email Security Appliance C170 ユーザーガイド
Chapter 4 Understanding the Email Pipeline
4-98
Cisco IronPort AsyncOS 7.1 for Email Configuration Guide
OL-22158-02
LDAP Recipient Acceptance
You can use your existing LDAP infrastructure to define how the recipient email
address of incoming messages (on a public listener) should be handled during the
SMTP conversation or within the workqueue. See “Accept Queries” in the
“Customizing Listeners” chapter of the Cisco IronPort AsyncOS for Email
Advanced Configuration Guide. This allows the IronPort appliance to combat
directory harvest attacks (DHAP) in a unique way: the system accepts the
message and performs the LDAP acceptance validation within the SMTP
conversation or the work queue. If the recipient is not found in the LDAP
directory, you can configure the system to perform a delayed bounce or drop the
message entirely.
address of incoming messages (on a public listener) should be handled during the
SMTP conversation or within the workqueue. See “Accept Queries” in the
“Customizing Listeners” chapter of the Cisco IronPort AsyncOS for Email
Advanced Configuration Guide. This allows the IronPort appliance to combat
directory harvest attacks (DHAP) in a unique way: the system accepts the
message and performs the LDAP acceptance validation within the SMTP
conversation or the work queue. If the recipient is not found in the LDAP
directory, you can configure the system to perform a delayed bounce or drop the
message entirely.
For more information, see the “LDAP Queries” chapter in the Cisco IronPort
AsyncOS for Email Advanced Configuration Guide.
AsyncOS for Email Advanced Configuration Guide.
Work Queue / Routing
The Work Queue is where the received message is processed before moving to the
delivery phase. Processing includes masquerading, routing, filtering,
safelist/blocklist scanning, anti-spam and anti-virus scanning, Virus Outbreak
Filters, and quarantining.
delivery phase. Processing includes masquerading, routing, filtering,
safelist/blocklist scanning, anti-spam and anti-virus scanning, Virus Outbreak
Filters, and quarantining.
Note
Data loss prevention (DLP) scanning is only available for outgoing messages. For
information on where DLP message scanning occurs in the Work Queue, see
information on where DLP message scanning occurs in the Work Queue, see
Email Pipeline and Security Services
Note, as a general rule, changes to security services (anti-spam scanning,
anti-virus scanning, and Virus Outbreak Filters) do not affect messages already in
the work queue. As an example:
anti-virus scanning, and Virus Outbreak Filters) do not affect messages already in
the work queue. As an example:
If a message bypasses anti-virus scanning when it first enters the pipeline because
of any of these reasons:
of any of these reasons:
–
anti-virus scanning was not enabled globally for the appliance, or