Cisco Cisco Email Security Appliance C170 Guia Do Utilizador
7-24
Cisco AsyncOS 8.5.5 for Email Security User Guide
Chapter 7 Defining Which Hosts Are Allowed to Connect Using the Host Access Table (HAT)
SenderBase Settings and Mail Flow Policies
When the option to use SenderBase for flow control is set to “OFF” or Directory Harvest Attack
Prevention is enabled, the “significant bits” value is applied to the connecting sender’s IP address, and
the resulting CIDR notation is used as the token for matching defined sender groups within the HAT.
Any rightmost bits that are covered by the CIDR block are “zeroed out” when constructing the string.
Thus, if a connection from the IP address 1.2.3.4 is made and matches on a policy with the
significant_bits option set to 24, the resultant CIDR block would be 1.2.3.0/24. So by using this feature,
the HAT sender group entry (for example, 10.1.1.0/24) can have a different number of network
significant bits (24) from the significant bits entry in the policy assigned to that group (32, in the example
above).
Prevention is enabled, the “significant bits” value is applied to the connecting sender’s IP address, and
the resulting CIDR notation is used as the token for matching defined sender groups within the HAT.
Any rightmost bits that are covered by the CIDR block are “zeroed out” when constructing the string.
Thus, if a connection from the IP address 1.2.3.4 is made and matches on a policy with the
significant_bits option set to 24, the resultant CIDR block would be 1.2.3.0/24. So by using this feature,
the HAT sender group entry (for example, 10.1.1.0/24) can have a different number of network
significant bits (24) from the significant bits entry in the policy assigned to that group (32, in the example
above).
Injection Control Periodicity
A global configuration option exists to allow you to adjust when the injection control counters are reset.
For very busy systems maintaining counters for a very large number of different IP addresses,
configuring the counters to be reset more frequently (for example, every 15 minutes instead of every 60
minutes) will ensure that the data does not grow to an unmanageable size and impact system
performance.
For very busy systems maintaining counters for a very large number of different IP addresses,
configuring the counters to be reset more frequently (for example, every 15 minutes instead of every 60
minutes) will ensure that the data does not grow to an unmanageable size and impact system
performance.
The current default value is 3600 seconds (1 hour).You can specify periods ranging from as little as 1
minute (60 seconds) to as long as 4 hours (14,400 seconds).
minute (60 seconds) to as long as 4 hours (14,400 seconds).
Adjust this period via the GUI, using the global settings (for more information, see
).
You can also adjust this period using the
listenerconfig -> setup
command in the CLI.
mail3.example.com> listenerconfig
Currently configured listeners:
1. InboundMail (on PublicNet, 192.168.2.1) SMTP TCP Port 25 Public
2. OutboundMail (on PrivateNet, 192.168.1.1) SMTP TCP Port 25 Private
Choose the operation you want to perform:
- NEW - Create a new listener.
- EDIT - Modify a listener.
- DELETE - Remove a listener.
- SETUP - Change global settings.
[]> setup
Enter the global limit for concurrent connections to be allowed across all listeners.
[300]>