Cisco Cisco Email Security Appliance C190 사용자 가이드
22-28
User Guide for AsyncOS 10.0 for Cisco Email Security Appliances
Chapter 22 Email Authentication
Determining the Action to Take for SPF/SIDF Verified Mail
The Received-SPF Header
When you configure AsyncOS for SPF/SIDF verification, it places an SPF/SIDF verification header
(
(
Received-SPF
) in the email. The
Received-SPF
header contains the following information:
•
verification result - the SPF verification result (see
•
identity - the identity that SPF verification checked: HELO, MAIL FROM, or PRA.
•
receiver - the verifying host name (which performs the check).
•
client IP address - the IP address of the SMTP client.
•
ENVELOPE FROM - the envelope sender mailbox. (Note that this may be different from the MAIL
FROM identity, as the MAIL FROM identity cannot be empty.)
FROM identity, as the MAIL FROM identity cannot be empty.)
•
x-sender - the value of the HELO, MAIL FROM, or PRA identity.
•
x-conformance - the level of conformance (see
) and whether a downgrade of the PRA check was performed.
The following example shows a header added for a message that passed the SPF/SIDF check:
Note
The
spf-status
and
spf-passed
filter rules use the received-SPF header to determine the status of the
SPF/SIDF verification.
Determining the Action to Take for SPF/SIDF Verified Mail
When you receive SPF/SIDF verified mail, you may want to take different actions depending on the
results of the SPF/SIDF verification. You can use the following message and content filter rules to
determine the status of SPF/SIDF verified mail and perform actions on the messages based on the
verification results:
results of the SPF/SIDF verification. You can use the following message and content filter rules to
determine the status of SPF/SIDF verified mail and perform actions on the messages based on the
verification results:
•
spf-status
. This filter rule determines actions based on the SPF/SIDF status. You can enter a
different action for each valid SPF/SIDF return value.
•
spf-passed
. This filter rule generalizes the SPF/SIDF results as a Boolean value.
Note
The
spf-passed
filter rule is only available in message filters.
You can use the
spf-status
rule when you want to address more granular results, and use the
spf-passed
rule when you want to create a simple Boolean.
Related Topics
•
•
•
Received-SPF: Pass identity=pra; receiver=box.example.com;
client-ip=1.2.3.4; envelope-from="alice@fooo.com";
x-sender="alice@company.com"; x-conformance=sidf_compatible