Cisco Cisco Email Security Appliance C170 Referências técnicas

Cisco AsyncOS 8.5.5 CLI Reference Guide

Chapter 3 The Commands: Reference Examples

Domain Keys

•

Export a copy of your signing profile from the appliance:

•

Delete all the signing profiles from the appliance:

Batch Format - Verification Profiles

•

Create a new DKIM verification profile:

domainkeysconfig profiles signing export <filename>

domainkeysconfig profiles signing clear

domainkeysconfig profiles verification new <name>

<verification-profile-options>

Table 3-26

domainkeysconfig Verification Profile Options

Argument

Description

--name

The name of DKIM verification profile.

--min_key_size

The smallest key to be accepted. Possible key-length
values (in bits) are

512, 768, 1024, 1536

and

2048

Default is

512

--max_key_size

The largest key to be accepted. Possible key-length
values (in bits) are

512, 768, 1024, 1536

and

2048

Default is

2048

--max_signatures_num

A maximum number of signatures in the message to
verify. Possible value is any positive number.
Default is

--key_query_timeout

A number of seconds before the key query is timed
out. Possible value is any positive number. Default is

--max_systemtime_diverge
nce

A number of seconds to tolerate wall clock
asynchronization between sender and verifier.
Possible value is any positive number. Default is 60.

--use_body_length

Whether to use a body length parameter. Possible
values are

yes

. Default is

yes

--tempfail_action

The SMTP action should be taken in case of
temporary failure. Possible values are

reject

. Default is

--tempfail_response_code

The SMTP response code for rejected message in
case of temporary failure. Possible value is number
in

4XX

format. Default is

451

--tempfail_response_text

The SMTP response text for rejected message in
case of temporary failure. Default is

#4.7.5 Unable

to verify signature - key server unavailable