Cisco Cisco Email Security Appliance C170 사용자 가이드
5-24
Cisco IronPort AsyncOS 7.6 for Email Configuration Guide
OL-25136-01
Chapter 5 Configuring the Gateway to Receive Email
. However, if you are modifying an exported HAT in a text file, the syntax for including
. See “Customizing Listeners” in the Cisco
IronPort AsyncOS for Email Advanced Configuration Guide.
Note
Network owners added to a HAT via the GUI use the syntax
SBO:
n, where n is the network owner’s
unique identification number in the SenderBase Reputation Service.
Use the Network > Listeners page or
listenerconfig -> setup
command in the CLI to enable a listener
to query the SenderBase Reputation Service. You can also define the timeout value that the appliance
should wait when querying the SenderBase Reputation Service. Then, you can configure different
policies to use look ups to the SenderBase Reputation Service by using the values in the Mail Policies
Pages in the GUI or the
should wait when querying the SenderBase Reputation Service. Then, you can configure different
policies to use look ups to the SenderBase Reputation Service by using the values in the Mail Policies
Pages in the GUI or the
listenerconfig -> edit -> hostaccess
commands in the CLI.
Note
You can also create message filters to specify “thresholds” for SenderBase Reputation Scores to further
act upon messages processed by the system. For more information, see “SenderBase Reputation Rule,”
“Bypass Anti-Spam System Action,” and “Bypass Anti-Virus System Action” in the Cisco IronPort
AsyncOS for Email Advanced Configuration Guide.
act upon messages processed by the system. For more information, see “SenderBase Reputation Rule,”
“Bypass Anti-Spam System Action,” and “Bypass Anti-Virus System Action” in the Cisco IronPort
AsyncOS for Email Advanced Configuration Guide.
Sender Groups Defined by Querying DNS Lists in the HAT
You also have the ability in a listener’s HAT to define a sender group as matching a query to a specific
DNS List sever. The query is performed via DNS at the time of the remote client’s connection. The
ability to query a remote list also exists currently as a message filter rule (see “DNS List Rule” in the
Cisco IronPort AsyncOS for Email Advanced Configuration Guide), but only once the message content
has been received in full.
DNS List sever. The query is performed via DNS at the time of the remote client’s connection. The
ability to query a remote list also exists currently as a message filter rule (see “DNS List Rule” in the
Cisco IronPort AsyncOS for Email Advanced Configuration Guide), but only once the message content
has been received in full.
This mechanism allows you to configure a sender within a group that queries a DNS List so that you can
adjust your mail flow policies accordingly. For example, you could reject connections or limit the
behavior of the connecting domain.
adjust your mail flow policies accordingly. For example, you could reject connections or limit the
behavior of the connecting domain.
Note
Some DNS Lists use variable responses (for example, “127.0.0.1” versus “127.0.0.2” versus
“127.0.0.3”) to indicate various facts about the IP address being queried against. If you use the message
filter DNS List rule (see “DNS List Rule” in the Cisco IronPort AsyncOS for Email Advanced
Configuration Guide), you can compare the result of the query against different values. However,
specifying a DNS List server to be queried in the HAT only supports a Boolean operation for simplicity
(that is, does the IP address appear in the list or not)
“127.0.0.3”) to indicate various facts about the IP address being queried against. If you use the message
filter DNS List rule (see “DNS List Rule” in the Cisco IronPort AsyncOS for Email Advanced
Configuration Guide), you can compare the result of the query against different values. However,
specifying a DNS List server to be queried in the HAT only supports a Boolean operation for simplicity
(that is, does the IP address appear in the list or not)
Table 5-10
Syntax for SenderBase Reputation Scores within a HAT
SBRS[
n
:
n
]
SenderBase Reputation Score. Senders are identified by querying the
SenderBase Reputation Service, and the scores are defined between the
ranges.
SenderBase Reputation Service, and the scores are defined between the
ranges.
SBRS[non
e]
e]
Specify no SBRS (very new domains may not have SenderBase
Reputation Scores yet).
Reputation Scores yet).