Cisco Cisco Email Security Appliance C170 Guia Do Utilizador
21-48
Cisco AsyncOS 8.0.2 for Email User Guide
Chapter 21 Configuring Routing and Delivery Features
Cisco Bounce Verification
Use the Import Table button on the Destination Controls page or the
destconfig -> import
command
to import a configuration file.You can also export your Destination Control entries to an INI file using
the Export Table button on the Destination Controls page or the
the Export Table button on the Destination Controls page or the
destconfig -> export
command.
AsyncOS includes the
[Default]
domain control entry in the exported INI file.
Destination Controls and the CLI
You can use the
destconfig
command in the CLI to configure Destination Control entries. This
command is discussed in the Cisco AsyncOS CLI Reference Guide.
Cisco Bounce Verification
A “bounce” message is a new message that is sent by a receiving MTA, using the Envelope Sender of
the original email as the new Envelope Recipient. This bounce is sent back to the Envelope Recipient
(usually) with a blank Envelope Sender (MAIL FROM: < >) when the original message is undeliverable
(typically due to a non-existent recipient address).
the original email as the new Envelope Recipient. This bounce is sent back to the Envelope Recipient
(usually) with a blank Envelope Sender (MAIL FROM: < >) when the original message is undeliverable
(typically due to a non-existent recipient address).
Increasingly, spammers are attacking email infrastructure via misdirected bounce attacks. These attacks
consist of a flood of bounce messages, sent by unknowing, legitimate mail servers. Basically, the process
spammers use is to send email via open relays and “zombie” networks to multiple, potentially invalid
addresses (Envelope Recipients) at various domains. In these messages, the Envelope Sender is forged
so that the spam appears to be coming from a legitimate domain (this is known as a “Joe job”).
consist of a flood of bounce messages, sent by unknowing, legitimate mail servers. Basically, the process
spammers use is to send email via open relays and “zombie” networks to multiple, potentially invalid
addresses (Envelope Recipients) at various domains. In these messages, the Envelope Sender is forged
so that the spam appears to be coming from a legitimate domain (this is known as a “Joe job”).
In turn, for each incoming email with an invalid Envelope Recipient, the receiving mail servers generate
a new email — a bounce message — and send it along to the Envelope Sender at the innocent domain
(the one whose Envelope Sender address was forged). As a result, this target domain receives a flood of
“misdirected” bounces — potentially millions of messages. This type of distributed denial of service
attack can bring down email infrastructure and render it impossible for the target to send or receive
legitimate email.
a new email — a bounce message — and send it along to the Envelope Sender at the innocent domain
(the one whose Envelope Sender address was forged). As a result, this target domain receives a flood of
“misdirected” bounces — potentially millions of messages. This type of distributed denial of service
attack can bring down email infrastructure and render it impossible for the target to send or receive
legitimate email.
500 concurrent connections
100 recipients per 60 minutes
Limits applied to entire domain, across all virtual gateways
TLS: Required (Verify)
Bounce Profile: tls_failed
example2.com
IP Address Preference: IPv6 Preferred
Maximum messages per connection: Default
Rate Limiting: Default
TLS: Preferred
Bounce Profile: tls_failed