Cisco Cisco Email Security Appliance C690 사용자 가이드
21-16
User Guide for AsyncOS 9.7 for Cisco Email Security Appliances
Chapter 21 Email Authentication
How to Verify Incoming Messages Using DKIM
Lines such as these are added to the mail logs upon DKIM signing:
How to Verify Incoming Messages Using DKIM
Related Topics
•
•
•
•
DKIM Verification Checks Performed by AsyncOS
When you configure an AsyncOS appliance for DKIM verification, the following checks are performed:
Procedure
Step 1
AsyncOS checks for the DKIM-Signature field in incoming mail, the syntax of the signature header,
valid tag values, and required tags. If the signature fails any of these checks, AsyncOS returns a permfail.
valid tag values, and required tags. If the signature fails any of these checks, AsyncOS returns a permfail.
Step 2
After the signature check is performed, the public key is retrieved from the public DNS record, and the
TXT record is validated. If errors are encountered during this process, AsyncOS returns a permfail. A
tempfail occurs if the DNS query for the public key fails to get a response.
TXT record is validated. If errors are encountered during this process, AsyncOS returns a permfail. A
tempfail occurs if the DNS query for the public key fails to get a response.
Step 3
After retrieving the public key, AsyncOS checks the hashed values and verifies the signature. If any
failures occur during this step, AsyncOS returns a permfail.
failures occur during this step, AsyncOS returns a permfail.
Step 4
If the checks all pass, AsyncOS returns a pass.
Tue Aug 28 15:29:54 2007 Info: MID 372 DKIM: signing with dkim-profile - matches
user@example.com
Tue Aug 28 15:34:15 2007 Info: MID 373 DKIM: cannot sign - no profile matches
user2@example.com
Table 21-1
How to Verify Incoming Messages Using DKIM
Do This
More Info
Step 1
Create a profile for verifying messages using
DKIM.
DKIM.
.
Step 2
(Optional) Create a custom mail flow policy to
use for verifying incoming messages using
DKIM.
use for verifying incoming messages using
DKIM.
Step 3
Configure your mail flow policies to verify
incoming messages using DKIM.
incoming messages using DKIM.
Step 4
Define the action that the Email Security
appliance takes on verified messages.
appliance takes on verified messages.
Step 5
Associate the action with groups of specific
senders or recipients.
senders or recipients.