Cisco Cisco Email Security Appliance C170 사용자 가이드

When you create domain profiles, be aware that a hierarchy is used in determining the profile to associate 
with a particular user. For example, you create a profile for example.com and another profile for 
joe@example.com. When mail is sent from joe@example.com, the profile for joe@example.com is 
used. However, when mail is sent from adam@example.com, the profile for example.com is used.

Submit and commit your changes.

At this point (if you have not already) you should enable DomainKeys/DKIM signing on an outgoing 
mail flow policy (see 

If you create both a DomainKeys and DKIM profile, AsyncOS performs both DomainKeys and 
DKIM signing on outgoing mail.

To create a new signing key:

Click Add Key on the Mail Policies > Signing Keys page. The Add Key page is displayed.

Enter a name for the key. 

Click Generate and Select a key size.

Larger key sizes are more secure; however, larger keys can have an impact on performance. Cisco 
recommends a key size of 768 bits, which should provide a good balance between security and 
performance.

Click Submit. The key is generated.

Click the Commit Changes button, add an optional comment if necessary, and then click Commit 
Changes to finish adding the new signing key.

If you have not done so already, you may need to edit your domain profile to assign the key.

When you export signing keys, all of the keys currently existing on your Cisco IronPort appliance are 
exported together in a single text file. To export signing keys:

Click Export Keys on the Signing Keys page. The Export Signing Keys page is displayed:

Enter a name for the file and click Submit.